news newest ask show jobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Allowlisting some Bash commands is often the same as allowlisting all

https://www.joinformal.com/blog/allowlisting-some-bash-commands-is-often-the-same-as-allowlisting-all-with-claude-code/

7•drewgregory•1h ago

Comments

teddyh•47m ago

“…with Claude Code”

adastra22•44m ago

Are there any agent permission systems that do this correctly?

zufallsheld•41m ago

Same thing for allowing specific sudo-commands. Many tools (like vim or the tools mentioned in the article) would have the same problem when allowing them to be run with root privileges.

denysvitali•14m ago

=> https://gtfobins.org/

sadnboxx•33m ago

Allowing a "command" (executable, I believe) that isn't a read-only absolute path is a fool's errand. I will modify PATH and run my own implementation of it.

pimlottc•9m ago

I know they’re just being through but the “go test” part is a bit “Pray, Mr Babbage”… Test code is just code. I know of no language where tests are sandboxed in any meaningful way.

Designing programming languages beyond AI comprehension

1•mr_bob_sacamano•34s ago•0 comments

40 years after the Challenger disaster, spaceflight remains far from routine

https://www.space.com/space-exploration/human-spaceflight/40-years-after-the-space-shuttle-challe...

1•1659447091•2m ago•0 comments

Goodbye Perl

https://github.com/dotnet/fsharp/pull/19226

1•DASD•5m ago•0 comments

Show HN: Open-source alternative to Vercel, Render, Netlify

https://www.shorlabs.com/

12•a_cormance•5m ago•0 comments

UAE launches 'sovereign' open AI model to counter Chinese rivals

https://www.ft.com/content/465c717b-af26-48c1-a530-e9e6d313f96a

1•Anon84•5m ago•1 comments

Behind the Scenes of Metropolis (1927): Old Photos from a Cinematic Masterpiece

https://rarehistoricalphotos.com/metropolis-behind-the-scenes/

2•llm_nerd•6m ago•0 comments

New UK ruling makes stealing virtual currency an actual crime

https://metro.co.uk/2026/01/27/new-uk-ruling-makes-stealing-virtual-currency-actual-crime-26554985/

1•Vaslo•6m ago•0 comments

I used Claude to vibe-code my overcomplicated smart home

https://www.theverge.com/report/869318/claude-vibe-coding-home-assistant-smart-home

1•balloob•9m ago•0 comments

Attention Is Not What You Need

https://arxiv.org/abs/2512.19428

1•hnmouse•12m ago•0 comments

Kprotect: Kernel-Level Security Engine

https://github.com/khoinp1012/kprotect

2•sunshine-o•13m ago•0 comments

Show HN: Supercheck.io – Open-Source AI-Powered Test Automation and Monitoring

https://supercheck.io/

1•krish_kant•15m ago•0 comments

Show HN: Ziva – Cursor for Godot Game Engine

https://ziva.sh

1•OsrsNeedsf2P•16m ago•0 comments

Inverse Rendering for High-Genus 3D Surface Meshes from Multi-View Images

https://arxiv.org/abs/2601.12155

1•PaulHoule•17m ago•0 comments

Show HN: President or Asshole?

https://president.alephz.com/

2•ishener•17m ago•0 comments

Meta Reports Q4 and Full Year 2025 Results

https://investor.atmeta.com/investor-news/press-release-details/2026/Meta-Reports-Fourth-Quarter-...

3•mfiguiere•18m ago•0 comments

VP of Eng thinks Vibe Coding is "Cute" [video]

https://www.youtube.com/watch?v=puVtC9SNA2A

1•yummyelephant8•18m ago•1 comments

Alpine: The modern AI-native productivity suite

https://www.alpine.inc/

3•calebmer•19m ago•1 comments

State of Mozilla 2025

https://stateof.mozilla.org/

1•Levitz•20m ago•0 comments

EduFSDP: I wrote a minimal PyTorch FSDP to understand how it works (~240 LOC)

https://github.com/0xNaN/edufsdp

1•xnan•23m ago•0 comments

The privacy risks of Google's Personal Intelligence

https://www.washingtonpost.com/technology/2026/01/27/google-personal-intelligence-privacy/

1•bookofjoe•24m ago•1 comments

UPS to cut additional 30k jobs in Amazon unwind, turnaround plan

https://www.cnbc.com/2026/01/27/ups-job-cuts-amazon-unwind-turnaround-plan.html

3•Noaidi•25m ago•0 comments

Apple to Soon Take Up to 30% Cut from All Patreon Creators in iOS App

https://www.macrumors.com/2026/01/28/patreon-apple-tax/

18•pier25•26m ago•4 comments

Show HN: AI agent that builds web automations through conversation

https://github.com/VectorlyApp/bluebox-sdk

2•rayruizhiliao•27m ago•0 comments

The Rise and Recent Decline of Tesla's Share of the U.S. Electric Vehicle Market

https://www.mdpi.com/2032-6653/16/2/90

2•decryption•28m ago•0 comments

Troublemaker: The fierce, unruly life of Jessica Mitford

https://www.lrb.co.uk/the-paper/v48/n02/rosemary-hill/one-of-the-worst-things

2•against•28m ago•1 comments

Lad-A2A: How AI agents find each other on local networks

https://lad-a2a.org/

2•franzvill•28m ago•2 comments

Coleman Laws

https://www.kcoleman.me/coleman-laws/

2•speckx•30m ago•0 comments

H3 – A Drinking Club with a Running Problem

https://www.hhh.org.uk

1•6LLvveMx2koXfwn•30m ago•0 comments

Unionised French Ubisoft workers call for an international strike

https://www.rockpapershotgun.com/unionised-french-ubisoft-workers-put-out-call-for-an-internation...

1•pythonic_hell•32m ago•3 comments

Apple Accidentally Built the Most Practical AI Infrastructure on Earth

https://sylvainsaurel.substack.com/p/the-silent-architect-how-apple-accidentally

1•janandonly•33m ago•0 comments