那是12月的情况。4个月和数千个工作小时后,我们有了一个出色的安全概念;你可以完全yolo,使用沙盒(Docker或OpenShell),有白名单和每次访问的执行允许/拒绝提示。 有数百名安全研究人员对它进行了渗透测试。 [引用 @maxintechnology]:@steipete @openclaw 我不认为OpenClaw是一个参考。它实际上没有适当的安全模型。OpenClaw上的任何东西都不是安全设计的。
That was the case in December. 4 months and thousands of work hours later, we have a great security concept; you can go all yolo, use a sandbox (Docker or OpenShell), there are allow-lists and per-access exec allow/deny prompts.
There's hundreds of security researchers that pen-tested it.