[BUG] disableBypassPermissionsMode in managed-settings.json has no effect (v2.1.92)

Resolved 💬 5 comments Opened Apr 7, 2026 by muros029biz Closed May 27, 2026

Bug Description

permissions.disableBypassPermissionsMode set to "disable" in managed-settings.json does not prevent --dangerously-skip-permissions from being used.

Steps to Reproduce

  1. Set managed-settings.json at /Library/Application Support/ClaudeCode/managed-settings.json (root-owned):
{
  "permissions": {
    "disableBypassPermissionsMode": "disable"
  }
}
  1. Verify the setting exists:
jq '.permissions.disableBypassPermissionsMode' "/Library/Application Support/ClaudeCode/managed-settings.json"
# Output: "disable"
  1. Run Claude Code with the bypass flag:
claude --dangerously-skip-permissions -p "echo test"

Expected: Session rejected or error message indicating bypass mode is disabled.
Actual: Session starts normally in bypass mode.

Environment

  • Claude Code version: 2.1.92 (installed via brew install claude-code@latest)
  • macOS (Apple Silicon)
  • Managed settings file ownership: root:admin
  • Other managed settings (sandbox, deny rules) ARE being read and enforced from the same file

Impact

This setting is documented as the way to prevent bypass mode in enterprise/managed environments. Without it, --dangerously-skip-permissions can bypass all deny rules, allowing unrestricted file access including credential files.

Workaround

Deny rules for Bash(claude *) prevent Claude from spawning itself with bypass flags. Physical terminal access is still required for exploitation.

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗