@zeenix
Last active August 31, 2025 17:12
Run Claude Code with all the permissions in a sandbox
#!/bin/sh
#
# Run Claude Code with all the permissions in a sandbox.
#
# The Claude Code process gets read-only access to most of the filesystem and write access to the
# given directory and a persistent sandboxed home directory. This means we can tell `claude` to
# bypass all permissions, allowing it to run almost completely autonomously instead of asking for
# permission for every command it needs to run.
WRITABLE=$1
if test -z "$WRITABLE"; then
    echo "Usage: $0 <writable-directory>" >&2
    exit 1
fi
if ! test -d "$WRITABLE"; then
    echo "Error: Directory '$WRITABLE' does not exist" >&2
    exit 1
fi

# Setup persistent sandboxed home directory
SANDBOX_HOME="$HOME/.sandboxed-claude-home"
# Create sandboxed home if it doesn't exist
if ! test -d "$SANDBOX_HOME"; then
    mkdir -p "$SANDBOX_HOME"
    # Create necessary directories
    mkdir -p "$SANDBOX_HOME/.cache"
    mkdir -p "$SANDBOX_HOME/.local"
fi

# Mount the whole filesystem read-only, then layer the writable --bind mounts on top.
exec bwrap \
    --ro-bind / / \
    --dev /dev \
    --proc /proc \
    --tmpfs /tmp \
    --share-net \
    --bind "$SANDBOX_HOME" "$HOME" \
    --bind "$HOME"/.npm-global "$HOME"/.npm-global \
    --bind "$HOME"/.npm "$HOME"/.npm \
    --bind "$HOME"/.claude "$HOME"/.claude \
    --bind "$HOME"/.claude.json "$HOME"/.claude.json \
    --ro-bind "$HOME"/.npmrc "$HOME"/.npmrc \
    --ro-bind "$HOME"/.gitconfig "$HOME"/.gitconfig \
    --ro-bind "$HOME"/.config "$HOME"/.config \
    --ro-bind "$HOME"/.cargo "$HOME"/.cargo \
    --ro-bind "$HOME"/.rustup "$HOME"/.rustup \
    --bind "$WRITABLE" "$WRITABLE" \
    --setenv HOME "$HOME" \
    --setenv USER "$USER" \
    --chdir "$WRITABLE" \
    "$HOME"/.npm-global/bin/claude --permission-mode bypassPermissions
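
The header comment names two writable locations, but the `bwrap` call passes more `--bind` mounts than that. The following is an added example, not part of the gist: it parses the same argument list and prints the writable host paths other than the project directory and the sandboxed home. The function names and the `/home/dev` paths are constructed for illustration.

```shell
#!/bin/sh
# Added example (not part of the gist): audit which host paths a bwrap
# argument list leaves writable. Only the options used by the script are parsed.

# Print the host-side source of every writable --bind in a bwrap argument list.
writable_host_paths() {
    while [ $# -gt 0 ]; do
        case $1 in
            --bind)                       echo "$2"; shift 3 ;;
            --ro-bind|--setenv)           shift 3 ;;
            --dev|--proc|--tmpfs|--chdir) shift 2 ;;
            --share-net)                  shift ;;
            *)                            break ;;  # first non-option word is the command
        esac
    done
}

# usage: unexpected_writable PROJECT SANDBOX_HOME BWRAP_ARGS...
# Print writable host paths other than the two the header comment names.
unexpected_writable() {
    project=$1 sandbox_home=$2; shift 2
    writable_host_paths "$@" | while read -r path; do
        case $path in
            "$project"|"$project"/*|"$sandbox_home") ;;  # intended write targets
            *) echo "$path" ;;
        esac
    done
}

# The gist's arguments, with constructed values standing in for $HOME and $WRITABLE.
audit_gist_mounts() {
    H=/home/dev W=/home/dev/project
    unexpected_writable "$W" "$H/.sandboxed-claude-home" \
        --ro-bind / / --dev /dev --proc /proc --tmpfs /tmp --share-net \
        --bind "$H/.sandboxed-claude-home" "$H" \
        --bind "$H/.npm-global" "$H/.npm-global" --bind "$H/.npm" "$H/.npm" \
        --bind "$H/.claude" "$H/.claude" --bind "$H/.claude.json" "$H/.claude.json" \
        --ro-bind "$H/.npmrc" "$H/.npmrc" --ro-bind "$H/.gitconfig" "$H/.gitconfig" \
        --ro-bind "$H/.config" "$H/.config" --ro-bind "$H/.cargo" "$H/.cargo" \
        --ro-bind "$H/.rustup" "$H/.rustup" \
        --bind "$W" "$W" --setenv HOME "$H" --setenv USER dev --chdir "$W" \
        "$H/.npm-global/bin/claude" --permission-mode bypassPermissions
}

audit_gist_mounts
```

The four paths it prints are bound from the real home directory, so anything the sandboxed process writes there persists outside the sandbox and is seen by later unsandboxed sessions.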