Comment by newtwilly

I run with the dangerous option on my work computer. At first I was thinking I would be good if I just regularly kept full disk backups. But my company at least pays lip service to the fact that we want to protect our intellectual property. Plus I think it might be irresponsible to allow an AI model full internet access unsupervised.

So now I use a docker compose setup where I install Claude and run it in a container. I map source code volumes into the container. It uses a different container with dnsmasq with an allowlist.

I initially wanted to do HTTP proxying instead of DNS filtering since it would be more secure, but it was quite hard to set it up satisfactorily.

Running CLI programs with the dangerous full permissions is a lot more comfortable and fast, so I'm quite satisfied.