[DOCS] Permissions docs outdated Bash deny-rule exec-wrapper matching

Open 💬 3 comments Opened Apr 17, 2026 by coygeek

Documentation Type

Incorrect/outdated documentation

Documentation Location

https://code.claude.com/docs/en/permissions

Section/Topic

#### Process wrappers in the Bash permission rule documentation

Current Documentation

The docs currently say:

Before matching Bash rules, Claude Code strips a fixed set of process wrappers so a rule like Bash(npm test *) also matches timeout 30 npm test. The recognized wrappers are timeout, time, nice, nohup, and stdbuf. Bare xargs is also stripped, so Bash(grep *) matches xargs grep pattern. This wrapper list is built in and is not configurable.

The page does not mention deny-rule matching for commands wrapped in env, sudo, watch, ionice, setsid, or similar exec wrappers.

What's Wrong or Missing?

Changelog v2.1.113 says: "Security: Bash deny rules now match commands wrapped in env/sudo/watch/ionice/setsid and similar exec wrappers".

The current permissions page still documents an older, narrower wrapper list. That makes the Process wrappers section outdated for users configuring Bash deny rules, because it implies wrapper-aware matching only covers timeout, time, nice, nohup, stdbuf, and bare xargs.

Users reading the page do not learn that deny rules now also apply when a command is wrapped in env, sudo, watch, ionice, setsid, and similar exec-wrapper forms.

Suggested Improvement

Update the Process wrappers section in https://code.claude.com/docs/en/permissions to reflect the v2.1.113 behavior change.

At minimum:

  • Expand the documented wrapper list to include env, sudo, watch, ionice, setsid, and similar exec wrappers.
  • Clarify that this applies to Bash deny-rule matching.
  • Add one or two concrete examples showing that a deny rule still matches when the command is wrapped, so users can reason about security policy correctly.

For example, a short note could explain that a deny rule written for the inner command still applies when that command is launched through supported exec wrappers.

Impact

Medium - Makes feature difficult to understand

Additional Context

Affected Pages:

| Page | Context |
|------|---------|
| https://code.claude.com/docs/en/permissions | Process wrappers currently lists a narrower built-in wrapper set and does not reflect the v2.1.113 deny-rule change |
| https://code.claude.com/docs/en/settings | The permissions.deny setting sends readers to the Bash permission limitations in the permissions docs, so this cross-reference should stay aligned |

Total scope: 2 pages affected

Source: Changelog v2.1.113

Exact changelog entry: Security: Bash deny rules now match commands wrapped in env/sudo/watch/ionice/setsid and similar exec wrappers

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗