are SOTA configuration languages sufficient for AI proliferation?

My main aim is to work on “hardening the box” i.e. eliminating software bugs so containment schemes don’t fail for preventable reasons. But in the famous 4o system card example, the one that looks a little like docker exfiltration, the situation arose from user error, wild guess in compose.yaml or the shell script invoking docker run.

In a linux machine

Here’s an example nix file

users.users =
    let
      authorized-key-files = [
        “${keyspath}/​id_server_ed25519.pub”
        “${keyspath}/​id_qd_ed25519.pub”
      ];
    in
    {
      unpermissioneduser = { 
        isNormalUser = false;
        extraGroups = [ “docker” ];
        description = “AgentID=claude-0x0000″;
      };
      coreuser = {
        isNormalUser = true;
        extraGroups = [
          “wheel”
          “networkmanager”
          “docker”
          “video”
        ];
        home = ”/​home/​coreuser”;
        description = “Core User (delegator of unpermissioneduser)”;
        shell = pkgs.fish;
        openssh.authorizedKeys.keyFiles = authorized-key-files;
      };
      root = {
        openssh.authorizedKeys.keyFiles = authorized-key-files;
        shell = pkgs.fish;
      };
    };

You can see that unpermissioneduser has less abilities than coreuser. So you can imagine I just say that unpermissioneduser is an agent and coreuser is the human delegator.

Nix is simply a fully declarative way to do standard linux permissioning (a feature not in the snippet is allocating chmod/​chown information for particular users to particular parts of the filesystem). There’s no conceptual leaps from the status quo.

agents and delegation

is linux all that great for when you want to keep track of who’s a delegatee and who’s a delegator? do we need a more graph flavored version of linux userspace/​permissions? I’m talking about once we’re reasoning about proliferating agents and their permissions on various machines. Linux groups do not support inheritance, but a user can be a member of many groups. So you could in principle MVP a graph based permissions DSL (perhaps in Nix) on top of the existing Linux user/​group ontology, 80% confident, but it could be hairier than making a new ontology. idk.