[FEATURE REQUEST] ACL on files in the working directories

Resolved 💬 4 comments Opened Aug 19, 2025 by mikehenson Closed Jan 8, 2026

For a simple use case, consider working with third-party libraries that your project builds from source.

/repo/src/third_party/fancy-library/fancy-library-1.3.5
/repo/src/my_code/...

Claude needs to have read access to fancy-library-1.3.5, but it must never modify those files. Ideally, it shouldn't even contemplate modifying them, but it definitively should not be allowed to.

However, it also might need to add files to a directory to integrate fancy-library-1.3.5 into a build system:

/repo/src/third_party/fancy-library/BUILD

Once that file is correct, it should be possible to tell Claude to stop modifying it unless it is specifically directed to in the prompt / given explicit permission via some other means.

So, there are three distinct states off the top of my head:

'free' - freely modifiable, read, write, whatever
'frozen' - read-only, can only modify with special permission
'read-only' - read-only in the true sense

And, extended to agents, individual agents might have different views of the files available to them.

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗