HackerTrans
TopNewTrendsCommentsPastAskShowJobs

thomas34298

no profile record

Submissions

Codex reads files outside working directory without my permission

github.com
1 points·by thomas34298·há 6 meses·0 comments

Codex can read sensitive files outside the CWD without approval

1 points·by thomas34298·há 8 meses·0 comments

Codex does not prevent reads outside the working directory

github.com
2 points·by thomas34298·há 8 meses·0 comments

Automated PDF Generation with Typst

typst.app
2 points·by thomas34298·há 8 meses·0 comments

comments

thomas34298
·mês passado·discuss
> reduce the risk of data exfiltration

Yet, their tools such as codex are able to read ALL FILES on my PC without explicit permission unless you spawn them within a container: https://github.com/openai/codex/issues/2847

It seems like OpenAI stealing sensitive data from their customers is not a big problem for them as it has been reported as an issue for almost a year now and currently has the 2nd most upvotes among open issues (they work on issues based on upvotes, so they claim).
thomas34298
·há 3 meses·discuss
Does that version of Codex still read sensitive data on your file system without even asking? Just curious.

https://github.com/openai/codex/issues/2847
thomas34298
·há 8 meses·discuss
That's the entire point of sandboxing, so none of what you listed would be accessible by default. Check out https://github.com/anthropic-experimental/sandbox-runtime and https://github.com/Zouuup/landrun as examples on how you could restrict agents for example.
thomas34298
·há 8 meses·discuss
Codex can read any file on your PC without your explicit approval. Other agents like Claude Code would at least ask you or are sufficiently sandboxed.
thomas34298
·há 8 meses·discuss
Interesting fact: Codex has access to all the files your current user has access to as well, even if you just opened it in the src directory.