• python@lemmy.world
    link
    fedilink
    arrow-up
    27
    ·
    12 hours ago

    Yeah, when my company first forced Claude on everyone the head engineers managed to negotiate that Claude would only run in a WSL sandbox. But people were lazy, so they just gave that WSL as many permissions as possible (Mounting C directly to it, opening up all interfaces, popping in full-access git tokens etc.). Then management sent out an extremely biased “survey” that has the question “Is having Claude in the WSL inconvenient to you?” and all the lazy bastards said yes. So now management lifted the sandboxing requirement to make work “easier” for devs. In the meantime, the engineers arguing for proper sandboxing are already so worn out from telling people to not intentionally compromise their sandbox that they’ve kinda just given up. Not having a sandbox at all isn’t much more insecure than whatever people are already doing 🫠