Comment by RandomPoes
2 days ago
Interesting, but do these native sandboxes limit access only to specific files? And I'm not sure, but when these agents invoke a system command, is that also sandboxed, or is it only the agent process itself that's sandboxed (assuming that is even useful)?
This is Claude Code specific but there are similar capabilities for Codex.
"These OS-level restrictions ensure that all child processes spawned by Claude Code’s commands inherit the same security boundaries." [0]
There is a rich deny and allow system for file access that can be used in conjunction with the sandbox [1]
0. https://code.claude.com/docs/en/sandboxing#os-level-enforcem...
1. https://code.claude.com/docs/en/settings#excluding-sensitive...