undefined | Better HN

0 pointse1g1mo ago0 comments

You can use an alias, which takes priority over $PATH. e.g. I have this in .zhsrc to override the "claude" executable to run it in the OS sandbox:

    alias claude="sandbox-exec -f ~/agents-jail.sb ~/.local/bin/claude --dangerously-skip-permissions"

0 comments

plagiarist1mo ago

How does your sandbox ruleset look? I've been using containers on Linux but I don't have a solution for macOS.

e1gOP1mo ago

Here's my ruleset https://gist.github.com/eugene1g/ad3ff9783396e2cf35354689cc6...

My goal is to prevent Claude from blowing up my computer by erasing things it shouldn't touch. So the philosophy of my sanboxing is "You get write access to $allowlist, and read access to everything except for $blocklist".

I'm not concerned about data exfiltration, as implementing it well in a dev tool is too difficult, so my rules are limited to blocking highly sensitive folders by name.

icedchai1mo ago

That's neat. I'm going to base my ruleset off of yours. I've been messing around with claude more and more lately and I need to do something.

AdieuToLogic1mo ago

> Here's my ruleset ...

Thank you for sharing a non-trivial working example of a sandbox-exec configuration. Having an exemplar such as what you have kindly shared is hugely beneficial for those of us looking to see what can be done with a tool such as this.

1 more reply

j / k navigate · click thread line to collapse