HackerTrans
トップ新着トレンドコメント過去質問紹介求人

thomas34298

no profile record

投稿

Codex reads files outside working directory without my permission

github.com
1 ポイント·投稿者 thomas34298·6 か月前·0 コメント

Codex can read sensitive files outside the CWD without approval

1 ポイント·投稿者 thomas34298·8 か月前·0 コメント

Codex does not prevent reads outside the working directory

github.com
2 ポイント·投稿者 thomas34298·8 か月前·0 コメント

Automated PDF Generation with Typst

typst.app
2 ポイント·投稿者 thomas34298·8 か月前·0 コメント

コメント

thomas34298
·先月·議論
> reduce the risk of data exfiltration

Yet, their tools such as codex are able to read ALL FILES on my PC without explicit permission unless you spawn them within a container: https://github.com/openai/codex/issues/2847

It seems like OpenAI stealing sensitive data from their customers is not a big problem for them as it has been reported as an issue for almost a year now and currently has the 2nd most upvotes among open issues (they work on issues based on upvotes, so they claim).
thomas34298
·3 か月前·議論
Does that version of Codex still read sensitive data on your file system without even asking? Just curious.

https://github.com/openai/codex/issues/2847
thomas34298
·8 か月前·議論
That's the entire point of sandboxing, so none of what you listed would be accessible by default. Check out https://github.com/anthropic-experimental/sandbox-runtime and https://github.com/Zouuup/landrun as examples on how you could restrict agents for example.
thomas34298
·8 か月前·議論
Codex can read any file on your PC without your explicit approval. Other agents like Claude Code would at least ask you or are sufficiently sandboxed.
thomas34298
·8 か月前·議論
Interesting fact: Codex has access to all the files your current user has access to as well, even if you just opened it in the src directory.