Sandbox: spurious Operation not permitted on /tmp/claude-501/cwd-* due to macOS com.apple.provenance xattr
Description
Every sandboxed Bash command produces a spurious "Operation not permitted" error and exit code 1, even though the actual command succeeds. This makes it difficult to distinguish real failures from sandbox noise.
Error
/bin/bash: /tmp/claude-501/cwd-XXXX: Operation not permitted
This appears in the output of every sandboxed Bash invocation, regardless of the command being run.
Root Cause
The /tmp/claude-501/ directory was initially created by a command that ran with dangerouslyDisableSandbox: true. macOS tags it with the com.apple.provenance extended attribute, associating it with the non-sandboxed execution context.
When a subsequent sandboxed command tries to write a cwd-* tracking file to this directory, macOS blocks the write because the sandbox process has a different provenance than the directory creator.
Removing the xattr (xattr -d com.apple.provenance /tmp/claude-501/) does not fix the issue -- the next sandboxed invocation immediately re-applies com.apple.provenance, and the problem persists.
Impact
- Exit code: All sandboxed Bash calls return exit code 1 even on success
- Noise: Error line appears in every command output
- Confusion: Difficult to detect actual command failures vs sandbox artifact
Environment
- Platform: macOS Darwin 25.1.0 (Sequoia)
- Claude Code model: claude-opus-4-5-20251101
Possible Fixes
- Create
/tmp/claude-501/from within the sandbox context on first use, so provenance matches - Catch and suppress the
cwd-*write failure since it is non-critical - Use a different mechanism for the CWD tracking that does not conflict with macOS sandbox provenance
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗