alt Hacker News> Then I lock down Claude Code’s permissions to only edit these two files and run run.sh. No direct Python execution, no pip installs, no network access, no git push, etc.
How does one run Claude Code without network access?
Replies
shepherdjerred • yesterday at 9:36 PM
You can do this via a Docker container or seatbelt on MacOS.
in both cases you'd limit it so CC can only talk to the required Anthropic APIs.
So not zero access, but as close to it as you can get.
franktankbank • yesterday at 9:37 PM
Pretty good question, also how do you update python version without network access?
Sorry I could have worded this part better.
The docker container didn’t have network access. Claude didn’t have permission to execute anything other than the run.sh bash script, which would orchestrate the docker run