Ask HN: How do you safely give LLMs SSH/DB access?

A developer wants to let a chatbot do more than copy‑paste commands: think “AI intern” with limited powers over servers (SSH is the secure remote control) and databases. But the Hacker News crowd turned this into a full‑on custody battle. One camp says give the bot a strict chore list—only read logs and run safe queries—then block the dangerous stuff. They even dropped a settings guide for allow/deny lists and suggested using simple tools for file‑based databases like SQLite. Another camp went full bunker mode: treat the bot like a malicious human. That means separate user accounts, tight file permissions, and database logins that can only read specific tables. Postgres fans flexed: “robust permissions” beat playing regex babysitter (regex = text rules that try to filter commands) every time. Then came the spicy nihilists: never give it real power because “anything it can mess up, it will.” Container lovers chimed in with a meme: put the bot in a digital playpen and only let it touch things you’re “happy obliterating.” The vibe? A tug‑of‑war between convenience and doomsday prep, with jokes about “AI interns with blowtorches” and whether your database needs baby gates.