`sandbox-venv` is a small shell script that sandboxes Python virtual environments in separate Linux namespaces using Bubblewrap (and soon using only command `unshare`, bringing the whole script down to effectively 0 deps).
If you mean the color icons, you can easily switch back to those in the Welcome Dialog that appears when you first open GIMP (look in the Personalize tab). It's the first thing I do when I install GIMP on a new machine. :)
oh wow, i never realized that this is there, in such a convenient location too. and you can't just change the icon style, but also disable the tool groups which was the most annoying change i found because it makes finding the right tool harder. (i'd love tool groups where the tools are grouped but not folded, or in a way where i can expand certain groups that i use often)
That was a feature in GTK2 (the GUI library we use) that was removed in GTK3.
We could try to fight the library and reimplement it ourselves, but it'd take a developer dedicated to do it. I miss the menu icons too. :(
It got deprecated only in 3.10 and you can compile against that and link it with the latest Gtk+ 3 library. I do this for my programs, because I don't like it when the widget toolkit ignores my OS settings.
As a heads up and affirmation that the approach is correct, here's a small shell bubblewrap wrapper that boils the command line down to `sandbox-run claude --dangerously-skip-permissions`.
Sometimes when I was stressed, I have used several models to verify each other's work. They usually find problems, too!
This is very useful for things that take time to verify; we have CI stuff that takes 2-3 hours to run and I hate when those fail because of a syntax error.
Since everyone tends to present their own solution, I bid you mine:
`sandbox-run npx @anthropic-ai/claude-code`
This runs npx (...) transparently inside a Bubblewrap sandbox, exposing only the $PWD. Contrary to many other solutions, it is a few lines of pure POSIX shell.
I like the bubblewrap approach, it just happens to be Linux-only unfortunately. And once privileges are dropped for a process it doesn't appear to be possible to reinstate them.
> once privileges are dropped [...] it doesn't appear to be possible to reinstate them
I don't understand. If unprivileged code could easily re-elevate itself, privilege dropping would be meaningless ...
If you need to communicate with the outside, you can do so via sockets (such as the bind-mounted X11 socket in one of the readme Examples).
I happen to use a Mac, even when targeting Linux so I'd have to use a container or VM anyways. It's nice how lightweight bubblewrap would be however.
Consider one wanted to replicate the human-approval workflow that most agent harnesses offer. It's not obvious to me how that could be accomplished by dropping privileges without an escape hatch.
IIRC from a comment in another thread, it's marked as deprecated to stop people from using it directly and to use the official macOS tools directly. But it's still used internally by macOS.
https://github.com/sandbox-utils/sandbox-venv