2 hours ago · Tech · 0 comments

I realized you can use containers to run Claude Code in yolo mode with Internet access relatively safely, without needing to maintain a dedicated VM. This might sound obvious. The whole point of containers is to isolate the contained processes from the host. Run Claude in a container, mount your project inside the container, and call it a day. This works fine, and will certainly prevent Claude from running commands on the host or accessing files outside your project directory. But when you’re working on a software project, Claude is still writing the code you’re going to run on the host, and because it has control of your .git directory, you can’t even inspect it safely. Why not? Because .git/config includes configuration for viewers like external diffing tools, which means arbitrary code execution during git diff. If you give Claude write access to .git/, then run git diff on the host, you give it the ability to lie to you about the contents of the diff, or just run code on your host…

No comments yet. Log in to reply on the Fediverse. Comments will appear here.