agent-sandbox

Author	SHA1	Message	Date
Kristóf Tóth	82f84247f1	Rework handling of /run and ${RUNUSER} in blacklist mode	2026-03-25 22:48:39 +01:00
Kristóf Tóth	0bd91ffad2	Add /sys to whitelist mode	2026-03-25 22:22:35 +01:00
Kristóf Tóth	dccf2309a5	Add --new-session to bwrap invocation	2026-03-25 22:15:21 +01:00
Kristóf Tóth	9f82ca21ee	Add /dev/input/ to SENSITIVE_PATHS for blacklist mode	2026-03-25 22:00:32 +01:00
Kristóf Tóth	ada9da7ae7	Reject empty HOME envvar	2026-03-20 21:43:08 +01:00
Kristóf Tóth	4112288a30	Ensure passing relative paths to CLI works	2026-03-20 21:36:55 +01:00
Kristóf Tóth	94535b20d3	Fix blacklist bind mount order	2026-03-20 21:02:48 +01:00
Kristóf Tóth	826c6d5531	Add ~/.claude.json to agent paths and use --bind-try	2026-03-20 20:41:24 +01:00
Kristóf Tóth	50dafb4c37	Fix read-only /dev, /proc, /tmp, /var/tmp, /run in blacklist mode	2026-03-20 20:40:57 +01:00
Kristóf Tóth	c8e0d4813a	Use --ro-bind-try for system files in whitelist mode	2026-03-20 19:29:53 +01:00
Kristóf Tóth	b4b94856ac	Skip run_user overlay when runtime dir is unknown	2026-03-20 19:29:43 +01:00
Kristóf Tóth	9da043a70e	Remove redundant /etc/ssh/* glob entry	2026-03-20 19:29:38 +01:00
Kristóf Tóth	ba885b7dd6	Ensure test file is cleaned up in cwd_is_writable test case	2026-03-20 18:52:03 +01:00
Kristóf Tóth	bf53d92d49	Initial commit	2026-03-20 18:40:08 +01:00