codex: tighten remote unified exec launch path

2026-05-04 21:32:21 +03:00 · 2026-04-06 12:38:59 -07:00
parent da8e0233b4
commit ab132113f9
2 changed files with 20 additions and 32 deletions
--- a/codex-rs/core/src/tools/runtimes/unified_exec.rs
+++ b/codex-rs/core/src/tools/runtimes/unified_exec.rs
@@ -84,13 +84,13 @@ pub struct UnifiedExecRuntime<'a> {
    shell_mode: UnifiedExecShellMode,
 }

-fn build_remote_exec_sandbox_config(attempt: &SandboxAttempt<'_>) -> SandboxLaunchConfig {
-    SandboxLaunchConfig {
-        mode: if matches!(attempt.sandbox, codex_sandboxing::SandboxType::None) {
-            SandboxLaunchMode::Disabled
-        } else {
-            SandboxLaunchMode::Auto
-        },
+fn build_remote_exec_sandbox_config(attempt: &SandboxAttempt<'_>) -> Option<SandboxLaunchConfig> {
+    if matches!(attempt.sandbox, codex_sandboxing::SandboxType::None) {
+        return None;
+    }
+
+    Some(SandboxLaunchConfig {
+        mode: SandboxLaunchMode::Auto,
        policy: attempt.policy.clone(),
        file_system_policy: attempt.file_system_policy.clone(),
        network_policy: attempt.network_policy,
@@ -99,7 +99,7 @@ fn build_remote_exec_sandbox_config(attempt: &SandboxAttempt<'_>) -> SandboxLaun
        windows_sandbox_level: attempt.windows_sandbox_level,
        windows_sandbox_private_desktop: attempt.windows_sandbox_private_desktop,
        use_legacy_landlock: attempt.use_legacy_landlock,
-    }
+    })
 }

 impl<'a> UnifiedExecRuntime<'a> {
@@ -241,17 +241,18 @@ impl<'a> ToolRuntime<UnifiedExecRequest, UnifiedExecProcess> for UnifiedExecRunt
        // Remote exec-server now owns sandbox argv construction, so this branch
        // keeps sending raw command data until we collapse the launch APIs.
        if ctx.turn.environment.exec_server_url().is_some() {
+            let exec_params = codex_exec_server::ExecParams {
+                process_id: req.process_id.to_string().into(),
+                argv: command,
+                cwd: req.cwd.clone(),
+                env,
+                tty: req.tty,
+                arg0: None,
+                sandbox: build_remote_exec_sandbox_config(attempt),
+            };
            return self
                .manager
-                .open_session_with_remote_exec(
-                    req.process_id,
-                    command,
-                    req.cwd.clone(),
-                    env,
-                    req.tty,
-                    Some(build_remote_exec_sandbox_config(attempt)),
-                    ctx.turn.environment.as_ref(),
-                )
+                .open_session_with_remote_exec(exec_params, ctx.turn.environment.as_ref())
                .await
                .map_err(|err| match err {
                    UnifiedExecError::SandboxDenied { output, .. } => {
--- a/codex-rs/core/src/unified_exec/process_manager.rs
+++ b/codex-rs/core/src/unified_exec/process_manager.rs
@@ -647,25 +647,12 @@ impl UnifiedExecProcessManager {

    pub(crate) async fn open_session_with_remote_exec(
        &self,
-        process_id: i32,
-        command: Vec<String>,
-        cwd: PathBuf,
-        env: HashMap<String, String>,
-        tty: bool,
-        sandbox: Option<codex_sandboxing::SandboxLaunchConfig>,
+        params: codex_exec_server::ExecParams,
        environment: &codex_exec_server::Environment,
    ) -> Result<UnifiedExecProcess, UnifiedExecError> {
        let started = environment
            .get_exec_backend()
-            .start(codex_exec_server::ExecParams {
-                process_id: exec_server_process_id(process_id).into(),
-                argv: command,
-                cwd,
-                env,
-                tty,
-                arg0: None,
-                sandbox,
-            })
+            .start(params)
            .await
            .map_err(|err| UnifiedExecError::create_process(err.to_string()))?;
        let sandbox_type = started.sandbox_type;