Remix clone Hacker News

new | show | ask | jobs Github

▲

AnotherGoodName 5 hours ago

This very thread was an example where it unintentionally got root access though.

▲

embedding-shape 5 hours ago | parent [-]

Because of how Docker works, not because of how Unix permissions work.

▲

f33d5173 4 hours ago | parent [-]

Unix has always had incredibly weak protections between users. You shouldn't rely on it as a security boundary. Think of it as a "keep honest users honest" protection. And llms are not honest.

	▲	ElectricalUnion 3 hours ago \| parent [-]
		The protections between users are reasonably strong. Android uses them with great success, by isolating every vendor within their own user. Things start going to hell when everything runs under root for "practicality reasons", like the default, not-rootless Docker setup.