Bun runtime incompatible with sandbox - requires readdir() on /Users #13

@Pierozi

Description

Problem

Bun runtime fails to run inside the sandbox because it attempts file-read-data (readdir) on parent directories /Users and /Users/<username>, which are denied by the sandbox's security model.

Reproduction

cd ~/projects/dev3o/www
sxc --trace bun run dev

Trace output:

[sx:trace] [READ] file-read-data /Users (bun(6760))
[sx:trace] [READ] file-read-data /Users/pierozi (bun(6760))
error loading current directory
error: An internal error occurred (CouldntReadCurrentDirectory)

Analysis

  • file-read-metadata is allowed globally (required for path traversal/stat)
  • file-read-data on /Users and ~ is denied (would expose sensitive directory contents)
  • Bun requires readdir() on these parent directories, not just stat()
  • This happens regardless of working directory depth - even running from ~/projects/dev3o triggers the same behavior

Why this can't be fixed in sx

Allowing file-read-data on /Users or ~ would be a major security issue:

  • /Users would expose all usernames on the system
  • ~ would expose all directories in the user's home

These are exactly the kinds of information leakage the sandbox is designed to prevent.

Upstream issue needed

This appears to be a bun limitation/bug. Bun should not require readdir() on parent directories to resolve the current working directory - stat() via file-read-metadata should be sufficient.

Suggested action: File an issue with oven-sh/bun requesting that bun gracefully handle sandboxed environments where parent directory listing is restricted.

Workaround

Use node instead of bun for sandboxed development until this is resolved upstream.

Environment

  • macOS with Seatbelt sandbox
  • Bun 1.x
  • sx (sandbox-shell)
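As an added illustration that is not part of the issue or of sx's own profile, the following constructed Seatbelt (SBPL) profile expresses the policy the Analysis section describes: metadata reads everywhere, directory listings and file contents only inside the project tree, and an explicit denial of listing /Users and the home directory. The PROJECT_DIR and HOME parameters, the system paths and the bun install location are assumptions.

```scheme
;; Constructed example profile (not the actual sx profile). It mirrors the policy
;; described in the issue: stat() works on every parent directory, while
;; readdir()/read() are confined to the project tree.
;;
;; Run on macOS as:
;;   sandbox-exec -f bun-sandbox.sb -D PROJECT_DIR="$PWD" -D HOME="$HOME" bun run dev
(version 1)
(deny default)

;; file-read-metadata everywhere: path resolution and stat() need this on
;; /, /Users and /Users/<name> even though their contents stay hidden.
(allow file-read-metadata)

;; Full read access (including directory listings) only under the project.
(allow file-read* (subpath (param "PROJECT_DIR")))

;; Assumed minimum to start the bun binary at all; adjust to where bun is installed.
(allow file-read*
       (subpath "/usr")
       (subpath "/System")
       (subpath "/Library")
       (subpath "/opt/homebrew"))
(allow process-exec
       (subpath "/opt/homebrew")
       (subpath (param "PROJECT_DIR")))
(allow process-fork)
(allow sysctl-read)
(allow mach-lookup)

;; The denial that produces the two [READ] file-read-data trace lines quoted in
;; the report: listing these directories would leak every username on the system
;; and every entry in the user's home.
(deny file-read-data
      (literal "/Users")
      (literal (param "HOME")))
```

Running bun's dev server under this profile reproduces the CouldntReadCurrentDirectory failure described above, while a tool that only stat()s its parent directories starts normally; sandbox-exec is deprecated by Apple but is still shipped with macOS.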

Labels: bug (Something isn't working), upstream (Needs fix in external dependency)