Rather, why do people still run agents as their own user. IMO, agent sessions should at least be containerised with just necessary code mounted.

▲

ssl-3 6 hours ago | parent | next [-]

Safety and simplicity are concepts that often won't get along very well with eachother.

	▲	SoftTalker 5 hours ago \| parent [-]
		And containers were initially and primarily about convenience not security. They were a way to quickly launch a preconfigured environment to respond to demand or to eliminate the need to manualy configure dev and test environments and avoid the "works on my machine" phenomenon.

▲

throwaway613746 6 hours ago | parent | prev [-]

People will more often than not, take the path of least resistance. Even if you tell them it's dangerous they will not care. People run this stuff on their primary workstation, unconfined, with permissions disabled because they don't want be bothered with accepting permission requests. This is all well and good until it decides to drop your production database or delete your home directory. Most of them don't even learn their lesson after that even.