[FEATURE REQUEST] ACL on files in the working directories
For a simple use case, consider working with third-party libraries that your project builds from source.
/repo/src/third_party/fancy-library/fancy-library-1.3.5
/repo/src/my_code/...
Claude needs to have read access to fancy-library-1.3.5, but it must never modify those files. Ideally, it shouldn't even contemplate modifying them, but it definitively should not be allowed to.
However, it also might need to add files to a directory to integrate fancy-library-1.3.5 into a build system:
/repo/src/third_party/fancy-library/BUILD
Once that file is correct, it should be possible to tell Claude to stop modifying it unless it is specifically directed to in the prompt / given explicit permission via some other means.
So, there are three distinct states off the top of my head:
'free' - freely modifiable, read, write, whatever
'frozen' - read-only, can only modify with special permission
'read-only' - read-only in the true sense
And, extended to agents, individual agents might have different views of the files available to them.
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗