mirror of
https://github.com/openai/codex.git
synced 2026-03-05 21:45:28 +03:00
a4b51f6b67
Building on top of https://github.com/openai/codex/pull/757, this PR updates Codex to use the Landlock executor binary for sandboxing in the Node.js CLI. Note that Codex has to be invoked with either `--full-auto` or `--auto-edit` to activate sandboxing. (Using `--suggest` or `--dangerously-auto-approve-everything` ensures the sandboxing codepath will not be exercised.) When I tested this on a Linux host (specifically, `Ubuntu 24.04.1 LTS`), things worked as expected: I ran Codex CLI with `--full-auto` and then asked it to do `echo 'hello mbolin' into hello_world.txt` and it succeeded without prompting me. However, in my testing, I discovered that the sandboxing did *not* work when using `--full-auto` in a Linux Docker container from a macOS host. I updated the code to throw a detailed error message when this happens: 