Did a proper permissions audit on my Claude Code setup recently. My finding: the default configuration is generous and most developers I’ve talked to have never tightened it. For personal side projects maybe that’s fine. For anything that touches production config, shared environments, or sensitive files it’s worth knowing exactly what access you’ve granted. The specific issues I found: global tool permissions that applied to all projects including ones I care about more, no explicit exclusions for .env files and build config, and one CLAUDE.md that had a database URL I’d pasted in as context months ago and forgotten about. The mental model I’d suggest: treat Claude Code like you’d treat a junior contractor with direct file system access. You’d set limits on what they could touch, you’d want them to ask before modifying certain things, you’d make the sensitive paths explicit. The same discipline applies here. The tool can be trusted to follow the rules you set, but you have to actually set them. What’s your permission model for AI coding tools that have write access to your file system? submitted by /u/EastMove5163
Originally posted by u/EastMove5163 on r/ClaudeCode