Skip to content

πŸ›‘οΈ Feature: Filesystem Masking & Workspace IsolationΒ #19

New issue
New issue
Open
Open
πŸ›‘οΈ Feature: Filesystem Masking & Workspace Isolation#19
Assignees
GordonBeeming
@GordonBeeming

Description

@GordonBeeming
GordonBeeming
opened on Nov 25, 2025

πŸ“„ Description

To improve both security and stability, we need to manipulate how the host filesystem is projected into the container. Currently, the bind mount exposes everything, which causes two critical issues:

  1. Security Risk: Sensitive files (e.g., .env, .pem certificates, local configs) are readable by the LLM/Container.
  2. Context Pollution: The host and container share build directories (e.g., bin/, obj/, node_modules/). This causes file locking issues, OS-binary mismatches, and allows the container to overwrite the user's local build artifacts.

We need a configuration capability to "Mask" or "Split" specific paths.

🎯 The Two Modes

1. Security Masking (Hide)

  • Goal: Prevent the container from reading a specific file or folder.
  • Behavior: The path appears to exist but is empty (0 bytes) or points to /dev/null.
  • Use Case: Hiding .env files, .git folders, or local credentials.

2. Workspace Isolation (Split)

  • Goal: Provide the container with a "scratchpad" for specific directories that is separate from the host.
  • Behavior: The container sees an empty directory at the path (masking the host's files) but can write new files to it. These writes stay in the container and do not affect the host.
  • Use Case: bin/, obj/, dist/, temp/.

βœ… Acceptance Criteria

  • Configuration: The application accepts a list of paths to handle, likely via a config file (e.g., .copilotignore or copilot.json) with support for specifying the mode (Mask vs. Split).
  • Security Verification:
    • Verify that a file marked for Masking (e.g., .env) appears empty or non-existent inside the container.
    • Verify the host file remains untouched.
  • Isolation Verification:
    • Verify that a directory marked for Isolation (e.g., bin/) starts empty inside the container, regardless of files present on the host.
    • Verify that files generated inside the container at this path do not sync back to the host.
  • Host Protection: Ensure that applying these masks/overlays does not accidentally delete the source data on the host machine.
  • Tech Stack Agnostic: The solution works regardless of the user's tech stack (Node, .NET, Rust, etc.).

βš™οΈ Implementation Notes

  • This will likely utilize Docker's ability to mount volumes over specific sub-paths of a bind mount.
  • Masking: Mount /dev/null (or platform equivalent) over files.
  • Isolation: Mount anonymous volumes over directories.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions