[BUG] disableBypassPermissionsMode in managed-settings.json has no effect (v2.1.92)
Resolved 💬 5 comments Opened Apr 7, 2026 by muros029biz Closed May 27, 2026
Bug Description
permissions.disableBypassPermissionsMode set to "disable" in managed-settings.json does not prevent --dangerously-skip-permissions from being used.
Steps to Reproduce
- Set managed-settings.json at
/Library/Application Support/ClaudeCode/managed-settings.json(root-owned):
{
"permissions": {
"disableBypassPermissionsMode": "disable"
}
}
- Verify the setting exists:
jq '.permissions.disableBypassPermissionsMode' "/Library/Application Support/ClaudeCode/managed-settings.json"
# Output: "disable"
- Run Claude Code with the bypass flag:
claude --dangerously-skip-permissions -p "echo test"
Expected: Session rejected or error message indicating bypass mode is disabled.
Actual: Session starts normally in bypass mode.
Environment
- Claude Code version: 2.1.92 (installed via
brew install claude-code@latest) - macOS (Apple Silicon)
- Managed settings file ownership: root:admin
- Other managed settings (sandbox, deny rules) ARE being read and enforced from the same file
Impact
This setting is documented as the way to prevent bypass mode in enterprise/managed environments. Without it, --dangerously-skip-permissions can bypass all deny rules, allowing unrestricted file access including credential files.
Workaround
Deny rules for Bash(claude *) prevent Claude from spawning itself with bypass flags. Physical terminal access is still required for exploitation.
This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗