All your OpenCodes belong to us
34 points | 6 hours ago | 3 comments | johncodes.com | HN
kachapopopow | 4 hours ago
I don't know if I missed something, but this CVE isn't as major as it was suggested to be? For one, it had to originate from app.opencode.com, and even if it didn't, most (good) browsers block websites from probing localhost. Yes, it is still a pretty bad CVE, but not as critical as some might suggest.
rafram | 4 hours ago
> For one it had to originate from app.opencode.com

No, that was the initial mitigation! Before the vulnerability was reported, the server was accessible to the entire world with a wide-open CORS policy.

https://github.com/anomalyco/opencode/commit/7d2d87fa2c44e32...

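An added illustration of the "wide-open CORS policy" named above, as example code that is not from the thread or the OpenCode project: a handler that echoes any Origin with credentials, beside an allowlisted one, plus a check that classifies a server's CORS response by probing it with a constructed untrusted origin. All origins and function names are hypothetical.

```javascript
// Added example, not OpenCode's code. All origins below are hypothetical.
// Dangerous pattern: echo whatever Origin the browser sent and allow
// credentials, so any website can make authenticated calls to the API.
function wideOpenCors(origin) {
  return {
    "Access-Control-Allow-Origin": origin || "*",
    "Access-Control-Allow-Credentials": "true",
    "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE",
    "Access-Control-Allow-Headers": "Content-Type, Authorization",
  };
}

// Hardened pattern: only an explicit allowlist of origins receives CORS
// headers; any other origin gets none and the browser blocks the read.
const ALLOWED_ORIGINS = new Set([
  "https://app.example-agent.test", // hypothetical hosted UI
  "http://localhost:3000",          // hypothetical local dev UI
]);

function allowlistCors(origin) {
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return {};
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
    "Access-Control-Allow-Methods": "GET, POST",
    "Access-Control-Allow-Headers": "Content-Type, Authorization",
    Vary: "Origin", // caches must not serve one origin's headers to another
  };
}

// Classify a CORS response as seen from a given request Origin.
function classifyCors(requestOrigin, headers) {
  const acao = headers["Access-Control-Allow-Origin"];
  if (!acao) return "restricted";
  if (acao === "*") return "wildcard";
  if (acao !== requestOrigin) return "restricted";
  return headers["Access-Control-Allow-Credentials"] === "true"
    ? "echoed-with-credentials"
    : "echoed";
}

// Audit a policy by probing it with an origin that should never be trusted:
// if that origin is echoed back or a wildcard is returned, the policy is open.
function isWideOpen(policy, probeOrigin = "https://untrusted.invalid") {
  return classifyCors(probeOrigin, policy(probeOrigin)) !== "restricted";
}

console.log("wide-open policy open to untrusted origin:", isWideOpen(wideOpenCors)); // true
console.log("allowlist policy open to untrusted origin:", isWideOpen(allowlistCors)); // false
```

The same probe works against a live server: send a request with an Origin you do not control and see whether it comes back in Access-Control-Allow-Origin.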
ofrzeta | 3 hours ago
How is it wide open? Does everything go through a localhost proxy?
keyle | 3 hours ago
Great write up.

These local agents that you spawn and give access to your drive are kind of insane to me.

It's at the level of

     /bin/bash -c "$(curl -fsSL https://somescriptofftheinternet
which you cannot inspect, and which may well be different every time you interact with it!

As per usual, being at the forefront of the tech world is leaving behind privacy and security in the dust... until something bad happens.

globular-toast | 2 hours ago
Not for me. I was running these things in sandboxes from the start. Couldn't believe people were running this stuff straight up.
add-sub-mul-div | 3 hours ago
Historically at least there have been some established high trust projects for which curl | bash made sense. But with AI the scene is full of grifters and vibe coders so we can't have nice things.
geoffmanning | 4 hours ago
The one thing here confusing to me is the past tense used throughout. This CVE seems presented as both past and present, yet the present evidence isn't... Presented.