Do not allow unified_exec for sandboxed scenarios on Windows (#14398)

as reported in https://github.com/openai/codex/issues/14367 users can explicitly enable unified_exec which will bypass the sandbox even when it should be enabled. Until we support unified_exec with the Windows Sandbox, we will disallow it unless the sandbox is disabled
2026-05-03 21:01:55 +03:00 · 2026-03-12 11:21:30 -07:00
parent 4fa7d6f444
commit fa26597689
3 changed files with 172 additions and 1 deletions
--- a/codex-rs/core/src/codex.rs
+++ b/codex-rs/core/src/codex.rs
@@ -869,6 +869,8 @@ impl TurnContext {
            features: &features,
            web_search_mode: self.tools_config.web_search_mode,
            session_source: self.session_source.clone(),
+            sandbox_policy: self.sandbox_policy.get(),
+            windows_sandbox_level: self.windows_sandbox_level,
        })
        .with_web_search_config(self.tools_config.web_search_config.clone())
        .with_allow_login_shell(self.tools_config.allow_login_shell)
@@ -1279,6 +1281,8 @@ impl Session {
            features: &per_turn_config.features,
            web_search_mode: Some(per_turn_config.web_search_mode.value()),
            session_source: session_source.clone(),
+            sandbox_policy: session_configuration.sandbox_policy.get(),
+            windows_sandbox_level: session_configuration.windows_sandbox_level,
        })
        .with_web_search_config(per_turn_config.web_search_config.clone())
        .with_allow_login_shell(per_turn_config.permissions.allow_login_shell)
@@ -5166,6 +5170,8 @@ async fn spawn_review_thread(
        features: &review_features,
        web_search_mode: Some(review_web_search_mode),
        session_source: parent_turn_context.session_source.clone(),
+        sandbox_policy: parent_turn_context.sandbox_policy.get(),
+        windows_sandbox_level: parent_turn_context.windows_sandbox_level,
    })
    .with_web_search_config(None)
    .with_allow_login_shell(config.permissions.allow_login_shell)