| ▲ | mlmonkey 13 hours ago | |
> Then I lock down Claude Code’s permissions to only edit these two files and run run.sh. No direct Python execution, no pip installs, no network access, no git push, etc. How does one run Claude Code without network access? | ||
| ▲ | ykumards 13 hours ago | parent | next [-] | |
Sorry I could have worded this part better. The docker container didn’t have network access. Claude didn’t have permission to execute anything other than the run.sh bash script, which would orchestrate the docker run | ||
| ▲ | shepherdjerred 13 hours ago | parent | prev | next [-] | |
You can do this via a Docker container or seatbelt on MacOS. in both cases you'd limit it so CC can only talk to the required Anthropic APIs. So not zero access, but as close to it as you can get. | ||
| ▲ | franktankbank 13 hours ago | parent | prev [-] | |
Pretty good question, also how do you update python version without network access? | ||