If done right, optimizing for performance also achieves readability and maintenance. There is an edge case when you rewrite a loop with SIMD or use branchless programming. It is so rare but a focus of so many articles.
I do see a lot of systems that are both slow and hard to maintain because people focus on maintenance. They create abstractions upon abstractions in the name of maintainability to later find it does not work well with their hardware and infrastructure, prompting more complexity in the name of performance.
I’ve never known towering abstractions to be good for maintainability, anyway. It sounds great on paper, but in practice it often ends up being extra mechanism to have to think your way through on your way to understanding a problem. Or they constrain the set of possible solutions you can undertake without major refactoring.
That isn’t to say abstractions are inherently harmful. But when I see codebases that really go nuts for it, it’s rarely the case that they were all carefully considered before implementation.
This is unfortunately unavoidable for any system like IAM. All of them evolve into monstrosity because of so many conflicting requirements. Most importantly being simple and tractable on one end and being able to express any imaginable predicate on another.
The original creator's business model relies on extracting free labor from the community. It backfired and they changed the license. They abuse contributors by betraying their trust and changing the license after AWS abused their business model. No good guys here.
You won’t, but API implementation can and should mark a volume as pending deletion and keep it for a while. Like AWS does with keys and some other things.
I understand why many talk about accountability. But think about this - an agent can scan your entire drive, find SSH keys and wipe your server. It is one “yes” 4 months back that would allow an agent to scan the disk. Then another yes to a 1000-line script generated by the agent with “if something off remove everything and start over”.
Even if you are extremely careful then how about all your colleagues?
I did notice how Claude can start looking outside of the working directory. It may scan the home directory and find a Homebrew token or SSH keys and wipe your GitHub repo.
I wonder what approach you are taking? In my dev env we have .env files that are supposed to have dev API keys for staging and testing. Production parameters are stored in the parameter store. There is also a deploy script that can deploy into production given there is a token in AWS CLI.
I understand there is a way to keep Claude inside the working dir, but how to limit it from accidentally deploying production, modifying Terraform, deleting important resources? If dev can run AWS CLI or Terraform then Claude can…
I only run claude code inside a docker container that only mounts the directory it's called in, and I make damn sure I don't run it in a way to mount a directory that has any creds in it other than dev infra. Do not mount a home directory with a bunch of . directories (.aws, .ssh, etc). The nice thing about the docker containers otherwise is you need to explicitly choose what to pass in, but getting lazy and passing in things just in case or because it's convenient is asking for trouble.
I do not use claude and will use agents only when I am forced to, so I'm genuinely asking here:
Can claude or other models not be run as a user or program with limited permissions? Do people just not bother to set it up? Why on earth would anyone run an RNG that can access $HOME/.ssh?
They absolutely can. I used to run Claude Code inside a firejail. Then I got paranoid to the point I developed my own virtual machine orchestration system just so I could run fully virtualized and isolated per-project Claude Code instances.
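The container approach described in the comments above, as an added example that is not part of any commenter's post: a preflight check that refuses to mount `$HOME` (or a parent of it) or any directory containing credential dot-directories, followed by a `docker run` that mounts only that one directory. The image name `agent-sandbox:latest`, the `/work` mount point and the list of credential names are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example. AGENT_IMAGE is a hypothetical image with the agent installed.
AGENT_IMAGE="${AGENT_IMAGE:-agent-sandbox:latest}"

# Constructed list of names that usually hold credentials; extend as needed.
CRED_NAMES=".ssh .aws .gnupg .kube .docker .netrc .npmrc .pypirc .git-credentials"

# Print credential-bearing paths found at or below $1 (three levels deep).
find_creds() {
  local name
  for name in $CRED_NAMES; do
    find "$1" -maxdepth 3 -name "$name" -print 2>/dev/null
  done
}

# Return 0 only if $1 may be mounted: it exists, is not /, is not $HOME or
# one of its parents, and contains none of the names above.
safe_to_mount() {
  local dir home found
  dir=$(cd "$1" 2>/dev/null && pwd -P) || return 2
  home=$(cd "$HOME" 2>/dev/null && pwd -P)
  if [ "$dir" = "/" ]; then
    echo "refusing: will not mount /" >&2
    return 1
  fi
  case "$home/" in
    "$dir"/*) echo "refusing: $dir is \$HOME or a parent of it" >&2
              return 1 ;;
  esac
  found=$(find_creds "$dir")
  if [ -n "$found" ]; then
    printf 'refusing: credential paths under %s:\n%s\n' "$dir" "$found" >&2
    return 1
  fi
  return 0
}

# Start the container with exactly one bind mount and nothing inherited
# from the host environment (no -e, no extra -v, no host network).
run_agent() {
  local dir
  safe_to_mount "$1" || return 1
  dir=$(cd "$1" && pwd -P)
  docker run --rm -it \
    --cap-drop=ALL --security-opt no-new-privileges \
    -v "$dir":/work -w /work \
    "$AGENT_IMAGE"
}
```

Call it as `run_agent .` from the project directory. A `.env` file with dev keys is deliberately not flagged, matching the "dev infra only" rule in the comment above.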
In Russia's case, no, they are not fake. Navalny tracked his killers by analyzing flight and train travel data, identifying people who always travel with him. They used data sold on the black market.