let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add sandbox scope default

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-07 02:31:51 +01:00
parent 4d4e4de915
commit 467d4e17fe
8 changed files with 102 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/gateway/security.md
View File

@@ -140,10 +140,11 @@ We're considering a `readOnlyMode` flag that prevents the AI from:
Two complementary approaches:
- **Run the full Gateway in Docker** (container boundary): [Docker](/install/docker)
- **Per-session tool sandbox** (`agent.sandbox`, host gateway + Docker-isolated tools): [Configuration](/gateway/configuration)
- **Tool sandbox** (`agent.sandbox`, host gateway + Docker-isolated tools): [Configuration](/gateway/configuration)
Note: to prevent cross-agent access, keep `perSession: true` so each session gets
its own container + workspace. `perSession: false` shares a single container.
Note: to prevent cross-agent access, keep `sandbox.scope` at `"agent"` (default)
or `"session"` for stricter per-session isolation. `scope: "shared"` uses a
single container/workspace.
Important: `agent.elevated` is an explicit escape hatch that runs bash on the host. Keep `agent.elevated.allowFrom` tight and dont enable it for strangers.