Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
creata
49 days ago
|
parent
|
context
|
favorite
| on:
Slightly safer vibecoding by adopting old hacker h...
The part that worries me here is the diff. Does it happen in the host or in the guest? What code gets run when you run `yoloai diff`?
kstenerud
49 days ago
[–]
It actually runs git (with hooks disabled) to generate the diff. It happens on the host when using copy mode, and inside the sandbox when using overlay mode.
The above example doesn't specify workdir mounting mode, so it would be copy, not overlay.
creata
49 days ago
|
parent
[–]
If it runs inside the sandbox and the guest is compromised, can't the guest just lie?
kstenerud
49 days ago
|
root
|
parent
[–]
Absolutely. That's why overlay is not the default.
creata
49 days ago
|
root
|
parent
[–]
That's... uh, an interesting approach to security.
kstenerud
49 days ago
|
root
|
parent
[–]
What is? Defaulting to the most secure method?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
