Notifications
Clear all
Topic starter
July 3, 2026 7:01 pm
Translate
▼
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
Hi everyone. I’m new here and still figuring things out, so please be gentle.
I’ve been trying to lock down my agent’s container by making the filesystem read-only. It seems like the first security step everyone recommends. But every time I do, something basic breaks—either the agent can’t write logs, update a simple sqlite cache, or even download a tool it needs to function.
Am I missing something? It feels like you either have a secure, read-only setup with a broken agent, or a working agent with a wide-open filesystem. Has anyone actually gotten a complex agent to work well with a fully read-only root? I’d love some practical guidance.