HackerTrans
TopNewTrendsCommentsPastAskShowJobs

thomas34298

no profile record

Submissions

Codex reads files outside working directory without my permission

github.com
1 points·by thomas34298·6 bulan yang lalu·0 comments

Codex can read sensitive files outside the CWD without approval

1 points·by thomas34298·8 bulan yang lalu·0 comments

Codex does not prevent reads outside the working directory

github.com
2 points·by thomas34298·8 bulan yang lalu·0 comments

Automated PDF Generation with Typst

typst.app
2 points·by thomas34298·8 bulan yang lalu·0 comments

comments

thomas34298
·bulan lalu·discuss
> reduce the risk of data exfiltration

Yet, their tools such as codex are able to read ALL FILES on my PC without explicit permission unless you spawn them within a container: https://github.com/openai/codex/issues/2847

It seems like OpenAI stealing sensitive data from their customers is not a big problem for them as it has been reported as an issue for almost a year now and currently has the 2nd most upvotes among open issues (they work on issues based on upvotes, so they claim).
thomas34298
·3 bulan yang lalu·discuss
Does that version of Codex still read sensitive data on your file system without even asking? Just curious.

https://github.com/openai/codex/issues/2847
thomas34298
·8 bulan yang lalu·discuss
That's the entire point of sandboxing, so none of what you listed would be accessible by default. Check out https://github.com/anthropic-experimental/sandbox-runtime and https://github.com/Zouuup/landrun as examples on how you could restrict agents for example.
thomas34298
·8 bulan yang lalu·discuss
Codex can read any file on your PC without your explicit approval. Other agents like Claude Code would at least ask you or are sufficiently sandboxed.
thomas34298
·8 bulan yang lalu·discuss
Interesting fact: Codex has access to all the files your current user has access to as well, even if you just opened it in the src directory.