
OpenClaw Security Best Practices: Sandboxing & Permission Control

OpenClaw security risks and protective measures including sandbox isolation.

12 min read, 2026-02-14
Tags: security, sandbox, permissions

Security First

OpenClaw's power comes with responsibility. This article covers essential security practices to protect your systems and data.

Sandboxing

Container Isolation

# Run OpenClaw in Docker with limited privileges
docker run -d \
  --name openclaw \
  --security-opt no-new-privileges \
  --cap-drop ALL \
  --read-only \
  -v /workspace:/workspace:rw \
  openclaw:latest

Resource Limits

{
  sandbox: {
    maxMemory: '512MB',
    maxCPU: '50%',
    maxFileSizeMB: 10,
    timeout: 30000,
    maxProcesses: 5
  }
}

Permission Control

Capability-Based Access

# AGENTS.md - Security Rules

## Allowed Operations
- Read files in /workspace only
- Write files in /workspace/output only
- Execute whitelisted commands only

## Forbidden Operations
- Never access /etc, /var, /usr
- Never execute rm -rf, dd, or format commands
- Never access credentials or secrets
- Never make requests to internal networks

User Whitelisting

// Only allow specific users
{
  security: {
    allowedUsers: ['user_12345', 'user_67890'],
    requireConfirmation: ['file_delete', 'email_send'],
    logAllActions: true
  }
}

Network Security

{
  network: {
    allowedHosts: [
      'api.github.com',
      'smtp.gmail.com',
      '*.google.com'
    ],
    blockedPorts: [22, 23, 3389],
    maxRequestsPerMinute: 100
  }
}
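As an added example of how the network block above would be applied to an outgoing request (illustration only, not OpenClaw's implementation; checkRequest, RateLimiter and isPrivateIPv4 are assumed names): the hostname is matched against allowedHosts with `*.` wildcards that do not match the bare domain, the effective port is compared with blockedPorts, a sliding one-minute window enforces maxRequestsPerMinute, and, to honour the "never make requests to internal networks" rule from AGENTS.md, localhost and private IPv4 literals are refused outright.

```javascript
// Added example (Node.js): enforcing the network config on an outgoing URL.
// Not part of OpenClaw; the function and class names are assumptions.

// Mirrors the network block of the config shown above.
const NETWORK = {
  allowedHosts: ['api.github.com', 'smtp.gmail.com', '*.google.com'],
  blockedPorts: [22, 23, 3389],
  maxRequestsPerMinute: 100,
};

// '*.google.com' matches 'docs.google.com' but not 'google.com' or 'evil.notgoogle.com'.
function hostMatches(host, pattern) {
  host = host.toLowerCase();
  pattern = pattern.toLowerCase();
  if (!pattern.startsWith('*.')) return host === pattern;
  const suffix = pattern.slice(1); // '.google.com'
  return host.endsWith(suffix) && host.length > suffix.length;
}

// RFC 1918, loopback and link-local IPv4 literals; IPv6 is not handled here.
function isPrivateIPv4(host) {
  const m = host.match(/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return a === 10 || a === 127 || (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) || (a === 169 && b === 254);
}

// Sliding window: keeps timestamps from the last 60 s. The clock is injectable for testing.
class RateLimiter {
  constructor(maxPerMinute, now = () => Date.now()) {
    this.max = maxPerMinute;
    this.now = now;
    this.stamps = [];
  }
  allow() {
    const t = this.now();
    this.stamps = this.stamps.filter((s) => t - s < 60_000);
    if (this.stamps.length >= this.max) return false;
    this.stamps.push(t);
    return true;
  }
}

function checkRequest(urlString, limiter, policy = NETWORK) {
  let url;
  try {
    url = new URL(urlString);
  } catch {
    return { allowed: false, reason: 'unparseable URL' };
  }
  const host = url.hostname;
  const port = Number(url.port) ||
    (url.protocol === 'https:' ? 443 : url.protocol === 'http:' ? 80 : 0);
  if (host === 'localhost' || isPrivateIPv4(host)) {
    return { allowed: false, reason: `internal network: ${host}` };
  }
  if (!policy.allowedHosts.some((p) => hostMatches(host, p))) {
    return { allowed: false, reason: `host not allowed: ${host}` };
  }
  if (policy.blockedPorts.includes(port)) {
    return { allowed: false, reason: `blocked port: ${port}` };
  }
  if (!limiter.allow()) {
    return { allowed: false, reason: 'rate limit exceeded' };
  }
  return { allowed: true, host, port };
}

module.exports = { NETWORK, hostMatches, isPrivateIPv4, RateLimiter, checkRequest };
```

The hostname check happens before the rate limiter so that rejected requests do not consume budget. Matching on the hostname string alone does not cover an allowed name that resolves to an internal address (DNS rebinding); in a deployment the resolved address should be checked again at connect time, which the container's own network policy or an egress proxy is better placed to do than application code.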

Audit Logging

// Log all agent actions
{
  logging: {
    level: 'info',
    logToolCalls: true,
    logRequests: true,
    logResponses: false, // Privacy
    destination: './logs/audit.log'
  }
}

Secret Management

  • Never hardcode secrets in bootstrap files
  • Use environment variables for credentials
  • Rotate API keys regularly
  • Use separate keys for development/production

Conclusion

Security is not optional. Implement these practices to safely leverage OpenClaw's capabilities.