[BUG] Sandbox CWD tracking uses CLAUDE_CODE_TMPDIR which is not in sandbox allow list

Resolved 💬 3 comments Opened Jan 30, 2026 by karptonite Closed Jan 30, 2026

Description

Every sandboxed Bash command produces the error:

zsh:1: operation not permitted: /tmp/claude-501/cwd-xxxx

Commands execute successfully despite the error, but the noise is confusing and makes it appear that commands are failing (exit code 1).

Root Cause

Claude Code sets two different temp directory environment variables with mismatched paths:

TMPDIR=/tmp/claude              # Sandbox-allowed
CLAUDE_CODE_TMPDIR=/tmp/claude-501   # NOT sandbox-allowed

The CWD tracking mechanism writes to $CLAUDE_CODE_TMPDIR/cwd-{random}, but the sandbox only allows writes to $TMPDIR (/tmp/claude/).

Reproduction Steps

  1. Run any sandboxed Bash command
  2. Observe the zsh:1: operation not permitted error in output
  3. Run env | grep -i tmp to see the mismatched paths

Expected Behavior

Either:

  • CLAUDE_CODE_TMPDIR should match TMPDIR (both /tmp/claude/)
  • Or /tmp/claude-{UID}/ should be added to the sandbox allow list

Environment

  • Claude Code Version: 2.1.25
  • OS: macOS (Darwin 25.2.0)
  • Shell: zsh
  • Platform: Apple Silicon (darwin arm64)

Related Issues

  • #11480 was closed but this appears to be a regression or variant using UID-suffixed paths

Workaround

Running with dangerouslyDisableSandbox: true eliminates the error, but this is not ideal for security.

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗