mirror of
https://github.com/openai/codex.git
synced 2026-05-04 21:32:21 +03:00
d626dc3895
## Summary - run exec-server filesystem RPCs requiring sandboxing through a `codex-fs` arg0 helper over stdin/stdout - keep direct local filesystem execution for `DangerFullAccess` and external sandbox policies - remove the standalone exec-server binary path in favor of top-level arg0 dispatch/runtime paths - add sandbox escape regression coverage for local and remote filesystem paths ## Validation - `just fmt` - `git diff --check` - remote devbox: `cd codex-rs && bazel test --bes_backend= --bes_results_url= //codex-rs/exec-server:all` (6/6 passed) --------- Co-authored-by: Codex <noreply@openai.com>
21 lines
507 B
Rust
21 lines
507 B
Rust
mod file_system_handler;
|
|
mod handler;
|
|
mod process_handler;
|
|
mod processor;
|
|
mod registry;
|
|
mod session_registry;
|
|
mod transport;
|
|
|
|
pub(crate) use handler::ExecServerHandler;
|
|
pub use transport::DEFAULT_LISTEN_URL;
|
|
pub use transport::ExecServerListenUrlParseError;
|
|
|
|
use crate::ExecServerRuntimePaths;
|
|
|
|
pub async fn run_main(
|
|
listen_url: &str,
|
|
runtime_paths: ExecServerRuntimePaths,
|
|
) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
|
|
transport::run_transport(listen_url, runtime_paths).await
|
|
}
|