| ▲ | ImJasonH 5 hours ago | |||||||
Both Claude Code and Codex use sandbox-exec with Seatbelt to sandbox execution: - https://developers.openai.com/codex/security/#os-level-sandb... | ||||||||
| ▲ | bootlooped 4 hours ago | parent [-] | |||||||
It weirds me out a bit that Claude is able to reach outside the sandbox during a session. According to the docs this is with user consent. I would feed better with a more rigid safety net, which is why I've been explicitly invoking claude with sandbox-exec. | ||||||||
| ||||||||