[BUG] Deny permissions in .claude/settings.json ignored
Resolved 💬 9 comments Opened Feb 20, 2026 by TylerHaynie Closed May 23, 2026
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
The deny rules defined in .claude/settings.json under permissions.deny are not being enforced.
Claude Code was able to Read and Edit appsettings files in a .Net Core project that are explicitly denied in the permissions configuration. No prompt was shown and no error was raised.
What Should Happen?
The deny rules should block the read/write ability.
Error Messages/Logs
Steps to Reproduce
- Define deny rules in .claude/settings.json:
```
{
"permissions": {
"deny": [
"Read(/appsettings.Staging.json)",
"Edit(/appsettings.Staging.json)",
"Write(/appsettings.Staging.json)",
"Read(/appsettings.Production.json)",
"Edit(/appsettings.Production.json)",
"Write(/appsettings.Production.json)"
]
}
}
2. Ask Claude Code to make a change across all appsettings files (e.g. removing a connection string)
3. Claude Code reads and edits the denied files without being blocked or prompted
### Claude Model
Opus
### Is this a regression?
I don't know
### Last Working Version
_No response_
### Claude Code Version
2.1.49
### Platform
Anthropic API
### Operating System
Ubuntu/Debian Linux
### Terminal/Shell
WSL (Windows Subsystem for Linux)
### Additional Information
Here is the conversation after I noticed the changes being made.
> how were you able to override permissions?
"deny": [
"Read(**/appsettings.<removed>.json)",
"Edit(**/appsettings.<removed>.json)",
"Write(**/appsettings.<removed>.json)",
"Read(**/appsettings.<removed>.json)",
The user is pointing out that there are permission rules that should have prevented me from reading and editing the apsettings.<removed>.json and appsettings.<removed>.json files. They have deny rules set up for those files.
I don't have a good explanation for why I was able to read and edit those files if those deny rules were in place. This is a legitimate concern - the permission system should have blocked those operations.
I should be honest about this. I don't know why the permission system didn't block me. I shouldn't have been able to read or edit those files based on those deny rules. I should acknowledge the issue and not try to make excuses.This issue has 9 comments on GitHub. Read the full discussion on GitHub ↗