bypass sandbox for policy approved commands (#7110)

Allow commands greenlit by execpolicy to bypass the sandbox, plus a minor
refactor to prepare for execpolicy rules with specific sandbox
requirements.
zhao-oai
2025-11-21 18:03:23 -05:00
committed by GitHub
parent 67975ed33a
commit 87b211709e
5 changed files with 61 additions and 19 deletions


@@ -107,7 +107,9 @@ fn evaluate_with_policy(
})
}
}
Decision::Allow => Some(ApprovalRequirement::Skip),
Decision::Allow => Some(ApprovalRequirement::Skip {
bypass_sandbox: true,
}),
},
Evaluation::NoMatch { .. } => None,
}
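Review bot: The `Decision::Allow` arm in evaluate_with_policy now returns `Skip { bypass_sandbox: true }` for every policy match, so one rule removes both the approval prompt and the sandbox, and nothing on the arm documents that coupling. Whether this is safe depends on how exactly a rule matches the full command line, which these hunks do not show; if a rule can match on a leading portion of argv, the remaining arguments would presumably run unsandboxed as well. I would add a comment on the arm, e.g. `// execpolicy Allow is trusted to run outside the sandbox; keep rules as narrow as the command they are meant to permit`, and log when a command runs with the sandbox bypassed so the decision is auditable. Since the description anticipates rules with their own sandbox requirements, a small enum in place of the bool would make both this arm and the `bypass_sandbox: false` site in create_approval_requirement_for_command read as explicit choices. The function body starts and ends outside the hunk.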
@@ -132,7 +134,9 @@ pub(crate) fn create_approval_requirement_for_command(
) {
ApprovalRequirement::NeedsApproval { reason: None }
} else {
ApprovalRequirement::Skip
ApprovalRequirement::Skip {
bypass_sandbox: false,
}
}
}