Understanding the Permissions Model

January 4, 2025   Advanced   permissions   security

Blast Office includes a comprehensive permissions model that controls what the AI can access and do. This guide explains how policies work and how to configure them.

What Are Policies?

Policies are sets of rules that control:

  • Filesystem access: Whether the AI can read or write files on your system
  • Internet access: Whether the AI can make web requests
  • Tool usage: Which AI tools are available
  • Feature access: Which application features are enabled

Enforcement Modes

Policies can operate in different enforcement modes:

  • Permissive: The AI can perform actions but violations are logged
  • Advisory: The AI is warned about policy violations but can proceed
  • Strict: Policy violations are blocked entirely

Configuring Permissions

Individual Users

Individual users can configure their own permissions in the application settings:

  1. Open Settings > Security & Permissions
  2. Review and adjust each permission category
  3. Changes take effect immediately

Organizations

Organization administrators can set policies that apply to all members. See the Enterprise Permissions Model tutorial for details.

Default Permissions

By default, Blast Office uses conservative permissions:

  • Filesystem access is disabled — the AI cannot read or write files unless you grant permission
  • Internet access is enabled for AI features (web search, research)
  • All standard tools are available

Best Practices

  • Start with the default permissions and adjust as needed
  • Grant filesystem access only to specific directories when possible
  • Review the Security Best Practices guide for comprehensive security guidance
← Enterprise Permissions Model
Deep Research from Local Files →