Ok, but I am really curious about this and maybe my mental model is wrong:
- llama.cpp or ollama can be seen as runtime systems,
- there is no security model regarding the execution documented in both of those projects,
- of course the models are just data but so are most things that have been used as an attack vector on computers. For example, your web browser or image viewer has a lot of countermeasures to protect the system from malicious image files.
I am surprised that security of operating systems, programming languages, VMs or web browsers has been a focus point forever but nobody seems to really care about security when executing those LLMs.
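A defender-side illustration of the point above (model files are untrusted input, like image files), added here as an example and not code from llama.cpp or ollama: a bounds-checked reader for the fixed part of a GGUF header, the container format llama.cpp loads. The plausibility limits and the sample bytes are constructed assumptions, not values from either project.

```python
import struct

GGUF_MAGIC = b"GGUF"
HEADER_LEN = 24                 # magic(4) + version(u32) + n_tensors(u64) + n_kv(u64)
MAX_TENSORS = 100_000           # assumed sanity limits: reject absurd counts before
MAX_KV = 100_000                # the loader allocates anything based on them
MAX_STRING = 1 << 20


def parse_gguf_header(data: bytes) -> dict:
    """Validate the fixed GGUF header; refuse truncated, unknown or implausible input."""
    if len(data) < HEADER_LEN:
        raise ValueError("truncated header")
    if data[:4] != GGUF_MAGIC:
        raise ValueError("bad magic")
    version, n_tensors, n_kv = struct.unpack_from("<IQQ", data, 4)
    if version not in (2, 3):                       # v2/v3 use u64 counts
        raise ValueError(f"unsupported GGUF version {version}")
    if n_tensors > MAX_TENSORS or n_kv > MAX_KV:
        raise ValueError("implausible tensor/kv count")
    return {"version": version, "n_tensors": n_tensors, "n_kv": n_kv}


def read_string(data: bytes, offset: int) -> tuple[str, int]:
    """Read a GGUF string (u64 length + bytes) without trusting the length field."""
    if offset + 8 > len(data):
        raise ValueError("truncated string length")
    (length,) = struct.unpack_from("<Q", data, offset)
    start = offset + 8
    if length > MAX_STRING or start + length > len(data):
        raise ValueError("string length exceeds file or limit")
    return data[start:start + length].decode("utf-8"), start + length


def build_sample(version=3, n_tensors=1, n_kv=1, key=b"general.architecture",
                 claimed_len=None) -> bytes:
    """Constructed test input: header followed by one metadata key."""
    length = len(key) if claimed_len is None else claimed_len
    return (GGUF_MAGIC + struct.pack("<IQQ", version, n_tensors, n_kv)
            + struct.pack("<Q", length) + key)


if __name__ == "__main__":
    good = build_sample()
    print(parse_gguf_header(good), read_string(good, HEADER_LEN))
    for bad in (build_sample(n_tensors=1 << 40), build_sample(claimed_len=1 << 40)):
        try:
            parse_gguf_header(bad); read_string(bad, HEADER_LEN)
        except ValueError as exc:
            print("rejected:", exc)
```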