Why Is There a Silence Around AppArmor and SELinux in the AI Era?

AI bots and software, such as Cursor and GitHub’s MCPs, can access sensitive data in your home directory, including browser cookies and access tokens, to enhance their functionality and provide code suggestions. These tools often integrate various unvetted libraries, leading to potential security risks, as their contributors can be randomly selected. Cursor acknowledges that its tools may inadvertently access unnecessary data. Furthermore, MCP servers are susceptible to remote code execution vulnerabilities due to the lack of strict limitations. This raises concerns about the security measures currently in place, prompting the question of why there is insufficient discussion around using isolation technologies like AppArmor or SELinux to safeguard AI applications, similar to how mobile devices protect user data.

Source link