whitelisting `gh` args should solve it. Event opencode's primitive permission sy... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nopurpose 28 days ago \| parent \| context \| favorite \| on: OpenClaw isn't fooling me. I remember MS-DOS whitelisting `gh` args should solve it. Event opencode's primitive permission system allows that.

tredre3 27 days ago [–]

The ability to whitelist specific args for commands has been the source of several (countless?) sudo CVEs over the years.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact