[Bug] Permission denial for files not enforced in read operations

Resolved 💬 2 comments Opened Jun 8, 2026 by lorenz-gruber-dt Closed Jul 14, 2026

Bug Description
Claude is able to read a file that is explicitely denied in the global settings.json file.
My settings include this:

  "permissions": {
    "deny": [
      "Read(**/local_exec.yaml)",
      "Edit(**/local_exec.yaml)",
      "Write(**/local_exec.yaml)",
      "Bash(**/local_exec.yaml)"
    ]
  },

I asked Claude to read a dummy file with that name and it was able to do it. Upon asking it why it was able to read it, it said itself that this is a bug.

Environment Info

  • Platform: darwin
  • Terminal: tmux
  • Version: 2.1.165
  • Feedback ID: aa7dffb5-5c17-4c12-8f2a-f070277a5908

Errors

[]

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗