Native session-scoped temp directory (/tmp/claude-<session-id>/)
Problem
Claude Code frequently needs temporary file access for intermediate operations — commit message drafts, tool output capture (e.g. InspectCode XML), diff staging, and multi-step workflows where compound commands aren't available. Each temp file operation triggers a permission prompt, creating persistent friction.
Users who enforce single-command discipline (blocking &&, ||, ;, $(...)) experience this more acutely, since Claude falls back to temp files for intermediate state between sequential commands.
Currently, users must manually configure permission rules and CLAUDE.md instructions to grant temp access. Even then, concurrent sessions risk filename collisions when writing to bare /tmp/.
Proposal
Claude Code should natively manage a session-scoped temp directory:
- Create
/tmp/claude-<session-id>/at session start - Expose the path via environment variable (e.g.
$CLAUDE_TMPDIR) - Pre-authorise read/write/delete within it — no permission prompts
- Deny build/compile commands targeting it (same security boundary as the rest of
/tmp/) - Clean up at session end (best-effort; OS also cleans
/tmp/on reboot)
Why /tmp/
- Idiomatic — universally recognised temp space across all platforms
- Auto-cleaned by OS on reboot — no persistent disk pressure
- Every tool and developer already expects it
- No user configuration required
Why session-scoped subdirectory
- Concurrent Claude sessions get isolated directories — no filename collisions
- Files within use natural names (no
$PPIDprefixing convention needed) - Trivial cleanup — one
rm -rfremoves the entire session's temp state
Current workaround
Users can approximate this today with:
- CLAUDE.md instructions: "Use
/tmp/claude-$PPID/for all temp files" - Permission allow rules for
/tmp/claude-prefix - PreToolUse hooks to enforce the convention (block bare
/tmp/access)
This works but requires per-user setup across settings, hooks, and instructions. Native support would eliminate this configuration entirely.
Scope
This is a harness-level change — no model behaviour modification needed. The harness:
- Creates the directory
- Sets the environment variable
- Adds it to the pre-authorised path list
- Cleans up on exit
The model would naturally use $CLAUDE_TMPDIR when it appears in the environment, especially if the system prompt mentions it.
Platform notes
- macOS/Linux:
/tmp/claude-<session-id>/ - Windows:
%TEMP%\claude-<session-id>\ - Session ID should be the existing session identifier, not PID (PIDs can be reused)
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗