Oh wow, that's a subtle one about the implicit read on `oc-policy-write`. I only checked the explicit permissions when we set it up. Thanks for the he...
Hey, I'm trying to do something similar. Following this. > Could you share the relevant snippet from your Falco rules I'd love to see this too, e...
Ok, hold on. This is aimed at Intel SGX. Does the same methodology apply if you're trying to test this on something like a Nano Claw? I'm still gettin...
Yeah, the operational complexity bit is really clicking for me. I hadn't thought about it being dynamic like that. So if I'm a hobbyist running my ag...
Okay, that makes a lot of sense. I was just thinking about blocking the main app, but the dependency thing is way scarier. A default rule could just g...