[DOCS] Permissions docs missing macOS `/private/*` dangerous `rm` targets
Documentation Type
Missing documentation (feature not documented)
Documentation Location
https://code.claude.com/docs/en/permissions
Section/Topic
Bash permission rule syntax and Bash permission limitations for removal commands on macOS
Current Documentation
The docs currently say:
Bash(*)is equivalent toBashand matches all Bash commands.Bash(npm run build)matches the exact Bash commandnpm run buildBash(npm run test *)matches Bash commands starting withnpm run test*Bash(npm *)matches any command starting withnpm
And the security page says:
Command injection detection: Suspicious bash commands require manual approval even if previously allowlisted
No current page documents that on macOS, removal targets under /private/etc, /private/var, /private/tmp, and /private/home are treated as dangerous targets when evaluating broad Bash(rm:*) allow rules.
What's Wrong or Missing?
Changelog v2.1.113 adds a macOS-specific security behavior for rm allow rules, but the docs do not describe it.
Someone reading the current permission-rule docs would reasonably expect a broad allow rule such as Bash(rm:*) to behave consistently for matching macOS paths. The documentation does not explain that /private/{etc,var,tmp,home} is treated as a dangerous removal target set on macOS, so users and administrators cannot predict when a matching rm command will still be treated as sensitive.
Suggested Improvement
Add a note or warning to the Bash permission rules section in https://code.claude.com/docs/en/permissions that explains:
- On macOS, targets under
/private/etc,/private/var,/private/tmp, and/private/homeare treated as dangerous removals. - This applies even when a broad allow rule such as
Bash(rm:*)would otherwise match the command text. - These
/private/...paths should be called out as macOS path forms users may encounter when writing or reviewing removal-related permission rules.
It would also help to cross-reference this from the security page's note about allowlisted Bash commands still requiring manual approval for suspicious operations.
Impact
Medium - Makes feature difficult to understand
Additional Context
Affected Pages:
| Page | Context |
|------|---------|
| https://code.claude.com/docs/en/permissions | Primary explanation of Bash(...) allow-rule syntax and limitations |
| https://code.claude.com/docs/en/settings | Settings reference for permissions.allow, ask, and deny |
| https://code.claude.com/docs/en/security | Security guidance for allowlisted Bash commands that still need manual approval |
Total scope: 3 pages affected
Source: Changelog v2.1.113
Exact changelog entry:
Security: on macOS,/private/{etc,var,tmp,home}paths are now treated as dangerous removal targets underBash(rm:*)allow rules
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗