I run Claude from a mounted volume (but no reason you couldn't make a user for it instead) since the Deny(~) makes it impossible to run from the normal locations.
Eleos Technologies | DNS Consulting | REMOTE (US) | Contractor
We build mobile apps and supporting systems for long-haul truck drivers.
We have a critical DNS registrar/hosting migration to do this year and while I did the last one (on a less-critical domain), I'd really like support from someone who has done >5 of these to help our team get it right. Good news: no DNSSEC. =)
Please reach out to me at [email protected] and mention this post if this is you and you have a reference or two. It should be really easy project for the right person, but we'll compensate commensurate with the business risk.
With two[1] other[2] great articles about the guts of how programs _actually_ get loaded and run, I was reminded of the above great (multi-part) article, which I remember reading on the subway in tiny chunks and being surprised it ever works at all.
My CS degree was from a liberal arts university, and while I wouldn't trade anything for the coverage of ethics, previous AI bubbles/winters, and my time in the business and mathematics departments, these articles along with the glibc author's What Every Programmer Should Know About Memory[4] rounded out my education. I still make use of concepts from both when profiling and debugging programs.
I hadn't yet seen it when I wrote this, but 2 is pretty much exactly what Arko says:
> Worried about the possibility of hacked accounts or some sort of social engineering, I took action as the primary on-call engineer to lock down the AWS account and prevent any actions by possible attackers.
Putting myself in Arko’s shoes, I can imagine (charitably!) the following choice, realizing that I still have access and shouldn’t:
1. Try to get in touch, quickly, with someone with the power to fix it and explain what needs to be rotated.
2. Absent 1, especially if it cannot be done quickly, rotate the credentials personally to get them back to a controlled state (by someone who actually
understands the security implications) with the intent to hand them off. Especially if you still _think_ of yourself as responsible for the infrastructure, this is a no-brainer compared to letting anyone else who might be in the same “should have lost access but didn’t, due to negligence” maintain access.
Not a legal defense, but let’s not be too hasty to judge.
I run Claude from a mounted volume (but no reason you couldn't make a user for it instead) since the Deny(~) makes it impossible to run from the normal locations.
export CLAUDE_CONFIG_DIR=/Volumes/Claude/.claude
Minimal .claude/settings.local.json: