mirror of
https://github.com/openai/codex.git
synced 2026-05-06 06:12:59 +03:00
413c1e1fdf
## Summary - reduce public module visibility across Rust crates, preferring private or crate-private modules with explicit crate-root public exports - update external call sites and tests to use the intended public crate APIs instead of reaching through module trees - add the module visibility guideline to AGENTS.md ## Validation - `cargo check --workspace --all-targets --message-format=short` passed before the final fix/format pass - `just fix` completed successfully - `just fmt` completed successfully - `git diff --check` passed
codex-shell-escalation
This crate contains the Unix shell-escalation protocol implementation and the
codex-execve-wrapper executable.
codex-execve-wrapper receives the arguments to an intercepted execve(2) call and delegates the
decision to the shell-escalation protocol over a shared file descriptor (specified by the
CODEX_ESCALATE_SOCKET environment variable). The server on the other side replies with one of:
Run:codex-execve-wrappershould invokeexecve(2)on itself to run the original command within the sandboxed shell.Escalate: forward the file descriptors of the current process so the command can be run faithfully outside the sandbox. When the process completes, the server forwards the exit code back tocodex-execve-wrapper.Deny: the server has declared the proposed command to be forbidden, socodex-execve-wrapperprints an error tostderrand exits with1.
Patched zsh
We carry a small patch to Src/exec.c (see patches/zsh-exec-wrapper.patch) that adds support for EXEC_WRAPPER. The patch applies to 77045ef899e53b9598bebc5a41db93a548a40ca6 from https://git.code.sf.net/p/zsh/code. To rebuild manually:
git clone https://git.code.sf.net/p/zsh/code
git checkout 77045ef899e53b9598bebc5a41db93a548a40ca6
git apply /path/to/patches/zsh-exec-wrapper.patch
./Util/preconfig
./configure
make -j"$(nproc)"