Maybe a dumb question, but couldn't you use seccomp to limit/deny the amount of syscalls the Python interpreter has access to? For example, if you don't want it messing with your host filesystem, you could just deny it from using any filesystem related system calls? What is the benefit of using a completely separate interpreter?

Yours is a valid approach. But you always gotta wonder if there’s some way around it. Starting with runtime that has ways of accessing every aspect of your system - there are a lot of ways an attacker might try to defeat the blocks you put in place. The point of starting with something super minimal is that the attack surface is tiny. Really hard to see how anything could break out.

agree. you still need a secure boundary like VM to isolate the tenants in case the model breaks out of the sandbox.

everything that you don’t want your agent to access should live outside of the sandbox.

https://github.com/butter-dot-dev/bvisor is pushing in that direction

I am a private pilot (training for instrument rating) so I believe I can help answer the first question.

Lightning is typically not the biggest problem with flying through thunderstorms. To my knowledge, it is the wind shear[1] that is most dangerous. There's also icing and hail that you may have to worry about.

[1] https://www.weather.gov/media/zhu/ZHU_Training_Page/llws/thu...

I have been single all my life (I'm in my early 20s). I don't know if I have any desire to be in a relationship with anyone at this time.

It may be selfish, but there are so many things I want to do with my limited time and I feel like a relationship will just hold me back from doing what I want to do.

I guess it is a fear of being tied down to something and impose on my current, practically unlimited, freedom.

> I don't know if I have any desire to be in a relationship with anyone at this time.

I mean, do you enjoy pair programming? Would you enjoy "pair programming with benefits"?

That's a very nice to put it !

It's all about tradeoffs. Sometime soon you should plan really far then take those requirements back to hit whatever soft deadlines (although there are few or no hard deadlines, so don't sweat it).

The article mentions runway 4L was being used for takeoffs. In the ATC communications, you can hear them say "American 185, runway 31L at KE, line up and wait" before telling Delta 1943 to cancel their takeoff clearance. And after the near collision, ATC tells American 106 Heavy "we're departing runway 4L."

Wouldn't the line up and wait call for American 185 mean that they were departing from both 4L and 31L?

The ATIS recording is here: https://archive.liveatc.net/kjfk/KJFK-D-ATIS-Jan-14-2023-013...

They were landing 4R and 4L, departing 4L and 31L at KE. American 106 ended up departing 31L full length since that's where they had decided to taxi to and it was probably easier to just get rid of them that way rather than have them cross 4L again to depart where everyone else was departing from.

Departing 4L mean that there are no 31L full length take-off (except very very heavy aircraft). 31L at KE does not conflict with 4L, nor does it require crossing 4L.