docs: clarify perSession isolation

2026-01-06 23:22:49 +01:00
parent 39d2ba78b7
commit e05a29395e
4 changed files with 11 additions and 1 deletions
--- a/docs/docker.md
+++ b/docs/docker.md
@@ -81,6 +81,9 @@ container. The gateway stays on your host, but the tool execution is isolated:
 - allow/deny tool policy (deny wins)
 - inbound media is copied into the sandbox workspace (`media/inbound/*`) so tools can read it

+Warning: setting `perSession: false` disables per-session isolation. All sessions
+share one container and one workspace, so there is no cross-session isolation.
+
 ### Default behavior

 - Image: `clawdbot-sandbox:bookworm-slim`