TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

60% Positive

Analyzed from 117 words in the discussion.

Trending Topics

#file#scratch#trusted#trust#non#visiting#buffers#configure#read#permission

Discussion (4 Comments)Read Original on HackerNews

accelbred•about 1 hour ago
The one problem I have with the trusted files thing is that I have no way to trust non-file-visiting buffers. Why is *scratch* untrusted!? *scratch* should always be trusted, without me having to configure anything, ideally. Though a setting to automatically trust non-file-visiting buffers would be nice. I just ended up stopping using the scratch buffer because of that issue.
like_any_other•about 2 hours ago
It's getting so very old - all I want out of a process is code autocomplete, but I have to grant it read & write permission to my entire disk and network. When do we get good permissions and sandboxing and isolation? This can't go on.
nextos•about 1 hour ago
I agree granting processes permission to read any file is unsustainable.

In Linux, sandboxing with Firejail and bwrap is quite easy to configure and allows fine-grained permissions.

Also, the new Landlock LSM and LSM-eBPF are quite promising.

boxedemp•about 2 hours ago
I build my own. Maybe I nee to externalize it...