"Security at the expense of usability, comes at the expense of security."
Related Posts
I'm a fan of the Software Unscripted podcast, and I particularly enjoyed this recent episode about CrowdStrike and security culture: https://www.youtube.com/watch?v=rzjaZssBEiI
The guest (Kelly Shortridge) compares attackers to lawyers trying to find loopholes. This is such a great analogy.
I find it odd that people recommend Docker for sandboxing agentic coding tools. Isn't it easier to just create a separate user account on the machine?
It's an established security boundary, and viewing output is easy (just make the user's home directory world readable).