fix(linux): remove expensive glob expansion for mandatory deny patterns

The glob expansion using **/pattern patterns caused full filesystem walks
of the current directory for each pattern (~15 patterns = ~15 walks).
This caused hangs in directories with many files (e.g., node_modules).

The concrete paths from getMandatoryDenyPaths() are sufficient for bwrap's
--ro-bind protections. Landlock (applied via wrapper) provides additional
recursive protection.

Fixes #27

Author: jy-tan

internal/sandbox/linux.go

@@ -477,14 +477,15 @@ func WrapCommandLinuxWithOptions(cfg *config.Config, command string, bridge *Lin
 
 	// Apply mandatory deny patterns (make dangerous files/dirs read-only)
 	// This overrides any writable mounts for these paths
+	//
+	// Note: We only use concrete paths from getMandatoryDenyPaths(), NOT glob expansion.
+	// GetMandatoryDenyPatterns() returns expensive **/pattern globs that require walking
+	// the entire directory tree - this can hang on large directories (see issue #27).
+	// The concrete paths already cover dangerous files in cwd and home directory,
+	// which is sufficient protection for bwrap's --ro-bind. Landlock (applied separately
+	// via the wrapper) provides additional recursive protection.
 	mandatoryDeny := getMandatoryDenyPaths(cwd)
 
-	// Expand glob patterns for mandatory deny
-	allowGitConfig := cfg != nil && cfg.Filesystem.AllowGitConfig
-	mandatoryGlobs := GetMandatoryDenyPatterns(cwd, allowGitConfig)
-	expandedMandatory := ExpandGlobPatterns(mandatoryGlobs)
-	mandatoryDeny = append(mandatoryDeny, expandedMandatory...)
-
 	// Deduplicate
 	seen := make(map[string]bool)
 	for _, p := range mandatoryDeny {