Allowlisting some Bash commands is often the same as allowlisting all
10 days ago
- #agentic-coding
- #sandboxing
- #security
- Agentic coding tools like Claude Code can speed up development by allowlisting Bash commands and file edits so they run without per-action approval.
- Allowing commands like 'go test' or 'go generate' can lead to arbitrary code execution when the tool can also edit the files those commands read, because the repository itself decides what they run.
- Tools like 'eslint', 'make', 'pnpm run', and 'docker' can likewise be exploited to run arbitrary commands if they are allowlisted without further restriction.
- Developer tools are designed to execute code, so combining a command allowlist with unrestricted file edits makes arbitrary code execution hard to prevent.
- Sandboxing is recommended as an alternative to command allowlisting to limit the permissions of agentic tools.
- Cursor, Claude Code, and Codex are releasing sandboxing tools, with some using 'sandbox-exec' on macOS.
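The bullets above argue that an allowlisted command such as 'go generate', 'make' or 'pnpm run' inherits whatever the repository's own files tell it to run. The following script is an added example, not code from the original post or from any of the tools it names: a pre-approval audit that, for a given allowlist, reads the repository-controlled sources of each tool's behaviour ('//go:generate' directives, 'package.json' scripts, Makefile recipes) and lists the commands the "safe" entry would actually execute. The sample repository it builds in a temporary directory is constructed for the demonstration, and the function names ('audit_allowlist' and its helpers) are this example's own.

```python
import json
import os
import re
import tempfile

# A Go generate directive: "//go:generate <command>" at the start of a line.
GO_GENERATE_RE = re.compile(r"^//go:generate\s+(.+)$", re.MULTILINE)
# A Makefile rule: "target: deps" followed by one or more tab-indented recipe lines.
# "[^=\n]" keeps variable assignments such as "CC := cc" from matching as targets.
MAKE_RULE_RE = re.compile(r"^([A-Za-z0-9_.-]+)\s*:[^=\n]*\n((?:\t.*\n?)+)", re.MULTILINE)


def go_generate_commands(repo):
    """Commands that `go generate` would run: every //go:generate line in *.go files."""
    cmds = []
    for root, _, files in os.walk(repo):
        for name in sorted(files):
            if name.endswith(".go"):
                with open(os.path.join(root, name)) as fh:
                    cmds += GO_GENERATE_RE.findall(fh.read())
    return cmds


def package_json_scripts(repo):
    """Scripts that `npm run` / `pnpm run` / `yarn run` would execute."""
    path = os.path.join(repo, "package.json")
    if not os.path.exists(path):
        return {}
    with open(path) as fh:
        return dict(json.load(fh).get("scripts", {}))


def makefile_recipes(repo):
    """Recipe lines that `make <target>` would execute, keyed by target."""
    path = os.path.join(repo, "Makefile")
    if not os.path.exists(path):
        return {}
    with open(path) as fh:
        text = fh.read()
    return {
        target: [line.strip() for line in body.splitlines() if line.strip()]
        for target, body in MAKE_RULE_RE.findall(text)
    }


def audit_allowlist(repo, allowlist):
    """Map each allowlisted command to the repo-controlled commands it really runs."""
    findings = {}
    for entry in allowlist:
        if entry.startswith("go generate"):
            findings[entry] = go_generate_commands(repo)
        elif entry.startswith(("npm run", "pnpm run", "yarn run")):
            findings[entry] = list(package_json_scripts(repo).values())
        elif entry.startswith("make"):
            findings[entry] = [cmd for recipe in makefile_recipes(repo).values() for cmd in recipe]
        elif entry.startswith("go test"):
            # Test code is ordinary Go; whatever the editable *_test.go files contain runs.
            findings[entry] = ["<any code in *_test.go and the package under test>"]
        else:
            findings[entry] = []
    return findings


def build_sample_repo():
    """Construct a small sample repository (not a real project) in a temp directory."""
    repo = tempfile.mkdtemp(prefix="allowlist-audit-")
    with open(os.path.join(repo, "main.go"), "w") as fh:
        fh.write("package main\n\n//go:generate stringer -type=Color\n//go:generate sh ./tools/gen.sh\n")
    with open(os.path.join(repo, "package.json"), "w") as fh:
        json.dump({"name": "demo", "scripts": {"lint": "eslint .", "test": "node scripts/run-tests.js"}}, fh)
    with open(os.path.join(repo, "Makefile"), "w") as fh:
        fh.write("CC := cc\n\nbuild:\n\tgo build ./...\n\ntest: build\n\tgo test ./...\n\tsh ./scripts/post.sh\n")
    return repo


if __name__ == "__main__":
    sample = build_sample_repo()
    for entry, cmds in audit_allowlist(sample, ["go generate", "pnpm run", "make", "go test", "git status"]).items():
        print(f"{entry!r} effectively allows: {cmds}")
```

An entry whose findings are non-empty is only as restrictive as the files it reads, so the audit output is what a reviewer should approve rather than the command name itself; an entry like 'git status' with no repo-controlled behaviour comes back empty.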