[BUG] Security validation incorrectly blocks access to allowed folder
Resolved 💬 3 comments Opened Sep 16, 2025 by Dasio Closed Sep 16, 2025
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
Bash tool's security validation incorrectly blocks access to files in Kubernetes ConfigMap/Secret mounts that contain .. in timestamped directory names, even when the resolved path is within allowed directories.
What Should Happen?
Claude code shouldn't block it
Error Messages/Logs
grep in '/root/<folder>/..2025_09_16_10_04_14.3134483424/<file>.yaml' was blocked. For security, Claude Code may only search for patterns in files from the allowed working directories for this session: '/tmp/session-565b3c6d', '/root/<folder>'.
Steps to Reproduce
claude --add-dir=/root/<folder> -p 'run grep -E "name:" /root/<folder>/<file>.yaml' --output-format=stream-json --verbose
file structure
ls -la
total 1
drwxrwxrwt 3 root root 260 Sep 16 10:04 .
drwx------ 1 root root 4096 Sep 16 10:34 ..
drwxr-xr-x 2 root root 220 Sep 16 10:04 ..2025_09_16_10_04_14.3134483424
lrwxrwxrwx 1 root root 32 Sep 16 10:04 ..data -> ..2025_09_16_10_04_14.3134483424
lrwxrwxrwx 1 root root 19 Sep 16 10:04 <file>.yaml -> ..data/<file>.yaml
Claude Model
Sonnet (default)
Is this a regression?
I don't know
Last Working Version
_No response_
Claude Code Version
1.0.115
Platform
Google Vertex AI
Operating System
Other Linux
Terminal/Shell
Non-interactive/CI environment
Additional Information
_No response_
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗