Remix.run Logo
Izkata 7 hours ago

...this is a completely normal thing to do in linux, it's the most basic form of access control. There's like a dozen non-human accounts in a clean install before adding your own like this, and a lot of software adds their own. Edit: I have 54 entries on my personal laptop, just one of which is actually me.

khalic 6 hours ago | parent | next [-]

This model is already not perfect, and not at all built for agents. The only way to secure an agent is an air-gap with the execution layer. Treat it like text, and the problem never arises until you “interpret” the agent output in a more limited environment than the OS

dcow 7 hours ago | parent | prev | next [-]

Even though it’s completely normal to us and in widespread use, GP is a reminder that conceptually it’s a broken model. Security should be capability-based not user-based. And to anyone who didn’t grow up on a desktop this model makes complete sense since it’s what your phone uses.

Sesse__ 7 hours ago | parent [-]

Android uses one uid per app.

warshinder 7 hours ago | parent | prev [-]

He said it’s less than a software, so saying software does this too isn’t really a strong counter argument. In case, I don’t think you are really in disagreement. Restricted accounts are necessary is your point, but I think op is saying they aren’t sufficient.

Izkata 7 hours ago | parent [-]

One of the default users is "nobody" which isn't associated with any software. It's definitely above that.

warshinder 7 hours ago | parent [-]

Is it less secure if I simply have nothing to do with language models whatsoever? I take that to be the parents point, but I know you are correct and yes, user restrictions should be a necessary part of the way people who use LLMs setup their system to use them in a safe manner.