HackerTrans
TopNewTrendsCommentsPastAskShowJobs

thomas34298

no profile record

Submissions

Codex reads files outside working directory without my permission

github.com
1 points·by thomas34298·6 mesi fa·0 comments

Codex can read sensitive files outside the CWD without approval

1 points·by thomas34298·8 mesi fa·0 comments

Codex does not prevent reads outside the working directory

github.com
2 points·by thomas34298·8 mesi fa·0 comments

Automated PDF Generation with Typst

typst.app
2 points·by thomas34298·8 mesi fa·0 comments

comments

thomas34298
·mese scorso·discuss
> reduce the risk of data exfiltration

Yet, their tools such as codex are able to read ALL FILES on my PC without explicit permission unless you spawn them within a container: https://github.com/openai/codex/issues/2847

It seems like OpenAI stealing sensitive data from their customers is not a big problem for them as it has been reported as an issue for almost a year now and currently has the 2nd most upvotes among open issues (they work on issues based on upvotes, so they claim).
thomas34298
·3 mesi fa·discuss
Does that version of Codex still read sensitive data on your file system without even asking? Just curious.

https://github.com/openai/codex/issues/2847
thomas34298
·8 mesi fa·discuss
That's the entire point of sandboxing, so none of what you listed would be accessible by default. Check out https://github.com/anthropic-experimental/sandbox-runtime and https://github.com/Zouuup/landrun as examples on how you could restrict agents for example.
thomas34298
·8 mesi fa·discuss
Codex can read any file on your PC without your explicit approval. Other agents like Claude Code would at least ask you or are sufficiently sandboxed.
thomas34298
·8 mesi fa·discuss
Interesting fact: Codex has access to all the files your current user has access to as well, even if you just opened it in the src directory.