Last active
July 4, 2025 02:36
Run Claude Code with --dangerously-skip-permissions and sandbox-exec of macOS
```bash
#!/bin/bash
# macOS only.
# Run Claude Code under sandbox-exec: allow reading everything, but allow writing
# only to the current directory and to Claude's own config files.
set -o nounset

CLAUDE_BIN="$HOME/.claude/local/claude"
CLAUDE_CONFIG_JSON="$HOME/.claude.json"
CLAUDE_CONFIG_DIR="$HOME/.claude"
PROJECT_DIR="$(pwd)"

# Use an unpredictable temp path instead of a fixed name under /tmp, and remove
# the profile on exit even if sandbox-exec fails or is interrupted.
TMP_PROFILE_PATH="$(mktemp -t sandbox_profile)"
trap 'rm -f "$TMP_PROFILE_PATH"' EXIT

# Seatbelt profile. In Seatbelt the last matching rule wins, so the specific
# allow rules below override the blanket (deny file-write*). The paths are
# interpolated by the shell into regex filters: "^PREFIX" matches every path
# that starts with PREFIX, and any regex metacharacter in $HOME (e.g. ".")
# is interpreted as part of the pattern.
cat > "$TMP_PROFILE_PATH" <<EOF
(version 1)
(allow default)     ;; allow everything else: syscalls, etc.
(allow network*)    ;; allow all network; not included in default.
(allow file-read*)  ;; allow all file reads.
(deny file-write*)  ;; deny all file writes...
(allow file-write-data  ;; ...except /dev/null,
    (require-all
        (path "/dev/null")
        (vnode-type CHARACTER-DEVICE)))
(allow file-write* (regex "^$CLAUDE_CONFIG_JSON"))  ;; Claude's config file,
(allow file-write* (regex "^$CLAUDE_CONFIG_DIR/"))  ;; Claude's config directory,
(allow file-write* (regex "^$PROJECT_DIR/"))        ;; and the current project.
EOF

sandbox-exec -f "$TMP_PROFILE_PATH" "$CLAUDE_BIN" --dangerously-skip-permissions
```
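The profile above interpolates shell variables straight into Seatbelt `regex` filters, so a path containing regex metacharacters changes the pattern's meaning, and `^PREFIX` also matches any path that merely starts with that prefix. The script below is an added example, not part of the gist: it escapes each path as a Seatbelt string literal, uses `literal` and `subpath` filters instead of regexes, and probes the resulting policy with `sandbox-exec` (macOS only; elsewhere the probe reports that `sandbox-exec` is absent). The function names, the probe file names and the sample paths are constructed for the example.

```bash
#!/bin/bash
# Added example (not the gist's code): build a Seatbelt profile that confines
# writes to an allow-list, escaping each path as a Seatbelt string literal, and
# self-check the policy with sandbox-exec when it is available (macOS only).
set -o nounset

# Escape a path for use inside a Seatbelt "..." string literal.
# Backslash and double quote are the characters that need escaping there.
sb_quote() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Emit a profile: read everything, write nothing except the given paths.
# $1 is a single file allowed for write (exact match); the remaining arguments
# are directories whose whole subtree is writable.
gen_profile() {
  local cfg_file="$1"; shift
  printf '(version 1)\n(allow default)\n(allow network*)\n(allow file-read*)\n(deny file-write*)\n'
  printf '(allow file-write-data (require-all (path "/dev/null") (vnode-type CHARACTER-DEVICE)))\n'
  printf '(allow file-write* (literal "%s"))\n' "$(sb_quote "$cfg_file")"
  local d
  for d in "$@"; do
    printf '(allow file-write* (subpath "%s"))\n' "$(sb_quote "$d")"
  done
}

# Probe the policy: creating a file inside the allowed directory must succeed,
# creating one outside it must fail.
# Returns 0 when the sandbox behaves as intended, 1 otherwise, 2 if sandbox-exec
# is not installed (i.e. not macOS).
verify_profile() {
  local profile="$1" allowed_dir="$2" outside_dir="$3"
  command -v sandbox-exec >/dev/null 2>&1 || return 2
  if ! sandbox-exec -f "$profile" /usr/bin/touch "$allowed_dir/sb_probe" 2>/dev/null; then
    return 1   # write inside the allow-list was denied
  fi
  if sandbox-exec -f "$profile" /usr/bin/touch "$outside_dir/sb_probe" 2>/dev/null; then
    return 1   # write outside the allow-list was permitted
  fi
  return 0
}

# Usage on macOS: generate a profile for the current directory and self-check it.
#   gen_profile "$HOME/.claude.json" "$HOME/.claude" "$PWD" > "$TMPDIR/check.sb"
#   verify_profile "$TMPDIR/check.sb" "$PWD" "$(mktemp -d)"; echo "verify: $?"
```

`literal` matches only the exact path, so a tool that writes its config by creating a sibling temp file and renaming it would need that sibling path allowed as well; `subpath` covers the directory and everything beneath it.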
Related issues in claude-code.
It does not work in some cases. More files are required for file-write to work correctly. Ref: Codex uses sandbox-exec like this: https://github.com/openai/codex/blob/abcca30d93d89197405ec56782e146f7a776297d/codex-cli/src/utils/agent/sandbox/macos-seatbelt.ts#L17-L22