Add sandbox support to filesystem APIs (#16751)

## Summary - add optional `sandboxPolicy` support to the app-server filesystem request surface - thread sandbox-aware filesystem options through app-server and exec-server adapters - enforce sandboxed read/write access in the filesystem abstraction with focused local and remote coverage ## Validation - `cargo test -p codex-app-server-protocol` - `cargo test -p codex-exec-server file_system` - `cargo test -p codex-app-server suite::v2::fs` --------- Co-authored-by: Codex <noreply@openai.com>
2026-04-29 02:41:12 +03:00 · 2026-04-08 12:10:48 -07:00
parent e003f84e1e
commit f383cc980d
12 changed files with 1271 additions and 96 deletions
--- a/codex-rs/exec-server/src/protocol.rs
+++ b/codex-rs/exec-server/src/protocol.rs
@@ -2,6 +2,8 @@ use std::collections::HashMap;
 use std::path::PathBuf;

 use base64::engine::general_purpose::STANDARD as BASE64_STANDARD;
+use codex_protocol::protocol::SandboxPolicy;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use serde::Deserialize;
 use serde::Serialize;

@@ -131,6 +133,106 @@ pub struct TerminateResponse {
    pub running: bool,
 }

+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsReadFileParams {
+    pub path: AbsolutePathBuf,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsReadFileResponse {
+    pub data_base64: String,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsWriteFileParams {
+    pub path: AbsolutePathBuf,
+    pub data_base64: String,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsWriteFileResponse {}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsCreateDirectoryParams {
+    pub path: AbsolutePathBuf,
+    pub recursive: Option<bool>,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsCreateDirectoryResponse {}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsGetMetadataParams {
+    pub path: AbsolutePathBuf,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsGetMetadataResponse {
+    pub is_directory: bool,
+    pub is_file: bool,
+    pub created_at_ms: i64,
+    pub modified_at_ms: i64,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsReadDirectoryParams {
+    pub path: AbsolutePathBuf,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsReadDirectoryEntry {
+    pub file_name: String,
+    pub is_directory: bool,
+    pub is_file: bool,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsReadDirectoryResponse {
+    pub entries: Vec<FsReadDirectoryEntry>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsRemoveParams {
+    pub path: AbsolutePathBuf,
+    pub recursive: Option<bool>,
+    pub force: Option<bool>,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsRemoveResponse {}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsCopyParams {
+    pub source_path: AbsolutePathBuf,
+    pub destination_path: AbsolutePathBuf,
+    pub recursive: bool,
+    pub sandbox_policy: Option<SandboxPolicy>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+pub struct FsCopyResponse {}
+
 #[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub enum ExecOutputStream {