top | item 43181763 (no title) ande-mnoc | 1 year ago Will Microsoft consider adding a permission model for extensions? discuss order hn newest isidorn|1 year ago This is tracked in this feature request https://github.com/microsoft/vscode/issues/52116We do not plan to add a permission model in the next 6 months. yukIttEft|1 year ago > We do not plan to add a permission model in the next 6 months.I guess Copilot functionality trumps "Security above all else" now.https://blogs.microsoft.com/blog/2024/05/03/prioritizing-sec... load replies (2) fragmede|1 year ago Given the enormity of the attack surface that has just been exposed, that's disappointing. load replies (1) kobalsky|1 year ago Security has been overlooked for way too long for me to trust it at this point.The only sane way to contain the blast radius is to run is to run code-server in a container (or in a VM) and use it through a browser tab.Luckily, the UI works perfectly, hotkeys and everything. They did an awesome work there. _trampeltier|1 year ago There will never be some permission model. Like in VBA there is after all this years nothing. VBA would be much less problematic if you could restrict VBA to just one Excel sheet or so unknown|1 year ago [deleted]
isidorn|1 year ago This is tracked in this feature request https://github.com/microsoft/vscode/issues/52116We do not plan to add a permission model in the next 6 months. yukIttEft|1 year ago > We do not plan to add a permission model in the next 6 months.I guess Copilot functionality trumps "Security above all else" now.https://blogs.microsoft.com/blog/2024/05/03/prioritizing-sec... load replies (2) fragmede|1 year ago Given the enormity of the attack surface that has just been exposed, that's disappointing. load replies (1)
yukIttEft|1 year ago > We do not plan to add a permission model in the next 6 months.I guess Copilot functionality trumps "Security above all else" now.https://blogs.microsoft.com/blog/2024/05/03/prioritizing-sec... load replies (2)
fragmede|1 year ago Given the enormity of the attack surface that has just been exposed, that's disappointing. load replies (1)
kobalsky|1 year ago Security has been overlooked for way too long for me to trust it at this point.The only sane way to contain the blast radius is to run is to run code-server in a container (or in a VM) and use it through a browser tab.Luckily, the UI works perfectly, hotkeys and everything. They did an awesome work there.
_trampeltier|1 year ago There will never be some permission model. Like in VBA there is after all this years nothing. VBA would be much less problematic if you could restrict VBA to just one Excel sheet or so unknown|1 year ago [deleted]
isidorn|1 year ago
We do not plan to add a permission model in the next 6 months.
yukIttEft|1 year ago
I guess Copilot functionality trumps "Security above all else" now.
https://blogs.microsoft.com/blog/2024/05/03/prioritizing-sec...
fragmede|1 year ago
kobalsky|1 year ago
The only sane way to contain the blast radius is to run is to run code-server in a container (or in a VM) and use it through a browser tab.
Luckily, the UI works perfectly, hotkeys and everything. They did an awesome work there.
_trampeltier|1 year ago
unknown|1 year ago
[deleted]