docs: added README.md

EvanCarroll · EvanCarroll · commit 02737234d53c · 2025-05-01T22:16:43.000-05:00
diff --git a/README.md b/README.md
@@ -0,0 +1,31 @@
+claude-podman
+====
+
+Claude for the security-conscious: run [claude-code, the claude cli tool](https://docs.anthropic.com/en/docs/agents-and-tools/claude-code/overview), in a rootless podman container.
+
+Installation
+----
+
+First, download and install podman. Installation is easy and secure with curl
+
+```sh
+curl --proto '=https' --tlsv1.2 -sSf \
+  https://raw.githubusercontent.com/EvanCarroll/claude-podman/refs/heads/main/bin/claude |
+  sudo tee /usr/local/bin/claude-podman
+```
+
+Now you can just run `claude-podman`.
+
+Benefit
+----
+
+This provides the following benefits:
+
+* Claude only gets file access to
+  * Files in the present working directory
+	* `$HOME/.claude.json`
+	* `$HOME/.claude`
+* Claude can only execute the files that exist in the image.
+
+This image runs rootless. Inside the image, it runs as non-root. Claude is
+maximally locked down and can't even update itself.
