← Back to Docs
Configuration

Configure permissions for safe autonomous operation

Permissions define what actions can run without confirmation. They are the boundary between autonomous operation and manual oversight. In QuantenRam, well-configured permissions let agents work efficiently while preventing costly or dangerous mistakes.

The principle of least privilege applies: agents should have exactly the permissions they need, no more. This isn't just about security—it's about predictability. When an agent has limited permissions, you can reason about what it might do. When permissions are broad, outcomes become unpredictable.

Limit write/network rights consciously

Write operations and network access are the highest-risk permissions. They should be granted selectively and reviewed regularly. Consider whether an agent really needs to write files or make network calls, or if read-only access would suffice.

Guard destructive permissions

Operations that delete data, modify production systems, or make irreversible changes should require explicit confirmation. Don't grant these permissions broadly. Use specific allowlists for what can be deleted or modified.

Apply least-privilege defaults

Start with minimal permissions and add only what's necessary. It's easier to grant additional permissions when needed than to recover from an agent that had too much access. Document why each permission is granted.

Permission categories and levels

QuantenRam organizes permissions into categories based on risk level. Each category has multiple levels, from read-only to full control.

// Permission configuration
{
  "permissions": {
    "filesystem": {
      "read": ["./src", "./docs", "./tests"],
      "write": ["./src/temp", "./logs"],
      "delete": []
    },
    "network": {
      "allowed_hosts": ["api.quantenram.net", "github.com"],
      "blocked_hosts": ["*"],
      "max_requests_per_minute": 60
    },
    "execution": {
      "allowed_commands": ["npm", "pytest", "black"],
      "blocked_commands": ["rm", "sudo", "chmod"],
      "max_execution_time": 300
    },
    "api": {
      "allowed_endpoints": ["GET /v1/models", "POST /v1/chat/completions"],
      "rate_limit": "100/hour"
    }
  }
}

This configuration grants selective filesystem access, limits network to specific hosts, restricts command execution to safe commands, and controls API usage. The principle is explicit allowlisting rather than broad grants with exceptions.

Permission escalation and review

Sometimes an agent needs elevated permissions for a specific task. QuantenRam supports temporary permission escalation with logging and review requirements.

// Temporary escalation
{
  "escalation": {
    "deployment_write": {
      "duration": "30 minutes",
      "requires_approval": true,
      "audit_log": true,
      "allowed_paths": ["./deploy/staging"],
      "notify": ["team-lead@company.com"]
    }
  }
}

Escalation requests are logged and can trigger notifications. This creates accountability while allowing necessary flexibility. After the escalation period expires, permissions automatically revert to baseline.

Permissions are safety boundaries, not obstacles. When configured thoughtfully, they enable confident autonomous operation by clearly defining what's safe to do without asking.