Comment by kaliszad

Comment by kaliszad 16 hours ago

Many people seem to be running OpenCode and similar tools on their laptop with basically no privilege separation, sandboxing, fine-grained permissions settings in the tool itself. This tendency is reflected also by how many plugins are designed, where the default assumption is the tool is running unrestricted on the computer next to some kind of IDE as many authentication callbacks go to some port on localhost and the fallback is to parse out the right parameter from the callback URL. Also for some reasons these tools tend to be relative resource hogs even when waiting for a reply from a remote provider. I mean, I am glad they exist, but it seems very rough around the edges compared to how much attention these tools get nowadays.

Please run at least a dev-container or a VM for the tools. You can use RDP/ VNC/ Spice or even just the terminal with tmux to work within the confines of the container/ machine. You can mirror some stuff into the container/ machine with SSHFS, Samba/ NFS, 9p. You can use all the traditional tools, filesystems and such for reliable snapshots. Push the results separately or don't give direct unrestricted git access to the agent.

It's not that hard. If you are super lazy, you can also pay for a VPS $5/month or something like that and run the workload there.

tomrod 14 hours ago

Hi.

> Please run at least a dev-container or a VM for the tools.

I would like to know how to do this. Could you share your favorite how-to?

Reply View 6 replies

ciberado an hour ago

If you are using VSCode against WSL2 or Linux and you have installed Docker, managing devcontainers is very straightforward. What I usually do is to execute "Connect to host" or "Connect to WSL", then create the project directory and ask VSCode to "Add Dev Container Configuration File". Once the configuration file is created, VSCode itself will ask you if you want to start working inside the container. I'm impressed with the user experience of this feature, to be honest.
Working with devcontainers from CLI wasn't very difficult [0], but I must confess that I only tested it once.
[0] https://containers.dev/supporting

Reply View | 0 replies
kaliszad 12 hours ago

I have a pretty non-standard setup but with very standard tools. I didn't follow any specific guide. I have ZFS as the filesystem, for each VM a ZVOL or dataset + raw image and libvirt/ KVM on top. This can be done using e.g. Debian GNU/ Linux in a somewhat straight forward way. You can probably do something like it in WSL2 on Windows although that doesn't really sandbox stuff much or with Docker/ Podman or with VirtualBox.
If you want a dedicated virtual host, Proxmox seems to be pretty easy to install even for relative newcomers and it has a GUI that's decent for new people and seasoned admins as well.
For the remote connection I just use SSH and tmux, so I can comfortably detach and reattach without killing the tool that's running inside the terminal on the remote machine.
I hope this helps even though I didn't provide a step-by step guide.

Reply View | 0 replies
AdieuToLogic 11 hours ago

>> Please run at least a dev-container or a VM for the tools.
> I would like to know how to do this. Could you share your favorite how-to?
See: https://www.docker.com/get-started/
EDIT:
Perhaps you are more interested in various sandboxing options. If so, the following may be of interest:
https://news.ycombinator.com/item?id=46595393

Reply View | 0 replies
yawaramin 12 hours ago

Hi. You are clearly an LLM user. Have you considered asking an LLM to explain how to do this? If not, why not?

Reply View | 2 replies
- exe34 8 hours ago
  
  would an LLM have a favourite tool? I'm sure it'll answer, but would it be from personal experience?
  
  Reply View | 1 reply
  
  cbm-vic-20 2 hours ago
  
  In 2026? It will be the tool from the vendor who spends the most ad dollars with Anthropic/Google/etc.
  
  Reply View | 0 replies

_zoltan_ 7 hours ago

Claude asks you for permissions every time it wants to run something.

Reply View 2 replies

xmcqdpt2 2 hours ago

That's why you run with "dangerously allow all." What's the point of LLMs if I have to manually approve everything? IME you only get half decent results if the agent can run tests, run builds and iterate. I'm not going to look at the wall of texts it produces on every iterations, they are mostly convincing bullshit. I'll review the code it wrote once the tests pass, but I don't want to be "in the loop".

Reply View | 0 replies
estsauver 6 hours ago

Until you run --dangerously-skip-permissions

Reply View | 0 replies

[removed] 8 hours ago

[deleted]

Reply View 0 replies

Imustaskforhelp 16 hours ago

I really like the product created by fly.io's https://sprites.dev/ for AI's sandboxes effectively. I feel like its really apt here (not sponsored lmao wish I was)

Oh btw if someone wants to run servers via qemu, I highly recommend quickemu. It provides default ssh access,sshfs, vnc,spice and all such ports to just your local device of course and also allows one to install debian or any distro (out of many many distros) using quickget.

Its really intuitive for what its worth, definitely worth a try https://github.com/quickemu-project/quickemu

I personally really like zed with ssh open remote. I can always open up terminals in it and use claude code or opencode or any and they provide AI as well (I dont use much AI this way, I make simple scripts for myself so I just copy paste for free from the websites) but I can recommend zed for what its worth as well.

Reply View 0 replies