diff --git a/packages/core/src/services/sandboxManager.ts b/packages/core/src/services/sandboxManager.ts index 1fc617927c..2066bebbdd 100644 --- a/packages/core/src/services/sandboxManager.ts +++ b/packages/core/src/services/sandboxManager.ts @@ -113,28 +113,6 @@ export class StandardSandboxManager implements SandboxManager { // Start with explicitly allowed paths from config const allowedPaths = [...(sandboxConfig.allowedPaths || [])]; - - // Auto-detect Git Worktree metadata paths - try { - const gitDotPath = path.join(options.cwd, '.git'); - if (fs.existsSync(gitDotPath)) { - const stat = fs.lstatSync(gitDotPath); - if (stat.isFile()) { - const content = fs.readFileSync(gitDotPath, 'utf8').trim(); - const match = content.match(/^gitdir:\s*(.+)$/); - if (match?.[1]) { - const gitDir = path.resolve(options.cwd, match[1]); - allowedPaths.push(gitDir); - allowedPaths.push(path.dirname(gitDir)); - allowedPaths.push(path.dirname(path.dirname(gitDir))); - } - } else if (stat.isDirectory()) { - allowedPaths.push(gitDotPath); - } - } - } catch (e) { - debugLogger.debug('Failed to auto-detect git metadata paths:', e); - } fs.writeFileSync( profilePath, @@ -217,11 +195,6 @@ export class StandardSandboxManager implements SandboxManager { '(allow file-ioctl (regex #"^/dev/tty.*"))', '(allow file-ioctl (literal "/dev/ptmx"))', - // Git and User Config (Read-only) - `(allow file-read* (literal "${path.join(os.homedir(), '.gitconfig')}"))`, - `(allow file-read* (subpath "${path.join(os.homedir(), '.config/git')}"))`, - ...(process.env['SSH_AUTH_SOCK'] ? [`(allow file-read* file-write* (literal "${process.env['SSH_AUTH_SOCK']}"))`] : []), - // Project Workspace and Temp `(allow ${workspacePermission} (subpath "${path.resolve(options.cwd)}"))`, ...allowedPaths.map(p => `(allow ${workspacePermission} (subpath "${path.resolve(p)}"))`),