Original Reddit post

tl;dr claudebox runs Claude Code in a container, syncs your config and conversations across machines, and introduces routing of large files between git and cloud object storage.

I gave Claude Code a task, walked away, and came back to find it had modified its own sandbox configuration to give itself more access. Not a hallucination, it literally edited the file that controlled what it was allowed to do. I’m not sure that was even supposed to be possible. I realized Claude just does not fit my security and mobility needs.

Claude Code’s native sandbox on macOS is an allowlist you configure by hand. You toggle it on, something breaks, you add an exception, repeat. There’s no memory cap, no CPU limit, no network isolation. Your SSH keys, your .env files, your entire home directory are all reachable. Some people solve this by giving Claude its own dedicated machine. I’m not doing that.

claudebox runs Claude Code in a docker or apple container scoped to your current project directory. Normal mode mounts your config and SSH keys. Safe mode drops all Linux capabilities, disables privilege escalation, enforces a 4 GB memory cap and CPU limit, and puts it on an isolated network bridge.

The second problem was machines. I work on a desktop and a laptop and they’re never in sync. Claude’s settings, keybindings, modules, global instructions, conversation history — all of it lives in ~/.claude and Claude Code has no sync story. I tried iCloud and got silent failures when files were evicted to stubs mid-session. Syncthing raced with Claude’s live writes and occasionally corrupted conversation files.

The fix was a private git remote. claudebox syncs an explicit allowlist of config files to main at every session boundary. Conversation history is opt-in per project, stored on a per-machine branch and written via git plumbing so it never interferes with config. History can grow large over time, so claudebox lets you prune it by size or age — per project or across all of them at once. Worked offline on both machines? It auto-rebases and retries.

I’m also building flux alongside this, a companion tool for routing large files between git and cloud object storage. The two are meant to grow together over time: claudebox handles the Claude environment, flux handles assets that don’t belong in a regular repo.

GitHub: https://github.com/bpeterme/claudebox

Homebrew: brew tap bpeterme/claudebox && brew install claudebox

submitted by /u/fifett

Originally posted by u/fifett on r/ClaudeCode
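
The safe-mode properties listed in the post (all capabilities dropped, no privilege escalation, a 4 GB memory cap, a CPU limit, an isolated network) can be checked on any running container from its `docker inspect` output. The following is an added example, not claudebox's own code: the function name and sample data are constructed, and treating the default bridge as "not isolated" is an assumption about what the post means.

```python
import json

GIB = 1024 ** 3

def audit_safe_mode(inspect_json, max_memory=4 * GIB):
    """Return a list of findings; an empty list means every check passed."""
    container = json.loads(inspect_json)
    if isinstance(container, list):          # `docker inspect` prints a JSON array
        container = container[0]
    host = container.get("HostConfig") or {}
    findings = []

    # --cap-drop=ALL, with nothing added back via --cap-add
    cap_drop = [c.upper() for c in (host.get("CapDrop") or [])]
    if "ALL" not in cap_drop:
        findings.append("capabilities: CapDrop does not include ALL")
    if host.get("CapAdd"):
        findings.append("capabilities: CapAdd re-grants %s" % host["CapAdd"])

    # --security-opt no-new-privileges (Docker records several spellings)
    sec_opts = [o.lower() for o in (host.get("SecurityOpt") or [])]
    accepted = ("no-new-privileges", "no-new-privileges:true", "no-new-privileges=true")
    if not any(o in accepted for o in sec_opts):
        findings.append("privilege escalation: no-new-privileges is not set")

    # --memory: 0 means unlimited
    memory = host.get("Memory") or 0
    if memory == 0 or memory > max_memory:
        findings.append("memory: limit is %d bytes (0 = unlimited)" % memory)

    # --cpus sets NanoCpus; --cpu-quota sets CpuQuota
    if not (host.get("NanoCpus") or (host.get("CpuQuota") or 0) > 0):
        findings.append("cpu: no CPU limit")

    # Assumption: only a user-defined network or "none" counts as isolated.
    net = host.get("NetworkMode") or "default"
    if net in ("host", "default", "bridge") or net.startswith("container:"):
        findings.append("network: NetworkMode %r is shared" % net)
    return findings

# Constructed sample data, not captured from a real claudebox container.
HARDENED = json.dumps([{"HostConfig": {
    "CapDrop": ["ALL"], "CapAdd": None, "SecurityOpt": ["no-new-privileges"],
    "Memory": 4 * GIB, "NanoCpus": 2_000_000_000, "NetworkMode": "sandbox-net"}}])
DEFAULTS = json.dumps([{"HostConfig": {
    "CapDrop": None, "CapAdd": None, "SecurityOpt": None,
    "Memory": 0, "NanoCpus": 0, "CpuQuota": 0, "NetworkMode": "bridge"}}])
```

Feed it the output of `docker inspect <container>` from the host side, so the result does not depend on anything the process inside the container can edit.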