Pass Windows metadata targets to direct exec

2026-05-29 15:30:22 +00:00 · 2026-05-04 10:04:23 -07:00
parent 230dcf45c2
commit 461f186a34
2 changed files with 27 additions and 1 deletions
--- a/codex-rs/core/src/exec.rs
+++ b/codex-rs/core/src/exec.rs
@@ -647,6 +647,28 @@ async fn exec_windows_sandbox(
                .collect::<Vec<_>>()
        })
        .unwrap_or_default();
+    let protected_metadata_targets = windows_sandbox_filesystem_overrides
+        .map(|overrides| {
+            overrides
+                .protected_metadata_targets
+                .iter()
+                .map(|target| {
+                    let mode = match target.mode {
+                        WindowsProtectedMetadataMode::ExistingDeny => {
+                            codex_windows_sandbox::ProtectedMetadataMode::ExistingDeny
+                        }
+                        WindowsProtectedMetadataMode::MissingCreationMonitor => {
+                            codex_windows_sandbox::ProtectedMetadataMode::MissingCreationMonitor
+                        }
+                    };
+                    codex_windows_sandbox::ProtectedMetadataTarget {
+                        path: target.path.to_path_buf(),
+                        mode,
+                    }
+                })
+                .collect::<Vec<_>>()
+        })
+        .unwrap_or_default();
    let spawn_res = tokio::task::spawn_blocking(move || {
        if use_elevated {
            run_windows_sandbox_capture_elevated(
@@ -665,7 +687,7 @@ async fn exec_windows_sandbox(
                        elevated_read_roots_include_platform_defaults,
                    write_roots_override: elevated_write_roots_override.as_deref(),
                    deny_write_paths_override: &elevated_deny_write_paths,
-                    protected_metadata_targets: &[],
+                    protected_metadata_targets: &protected_metadata_targets,
                },
            )
        } else {
@@ -678,6 +700,7 @@ async fn exec_windows_sandbox(
                env,
                timeout_ms,
                &additional_deny_write_paths,
+                &protected_metadata_targets,
                windows_sandbox_private_desktop,
            )
        }
--- a/codex-rs/windows-sandbox-rs/src/lib.rs
+++ b/codex-rs/windows-sandbox-rs/src/lib.rs
@@ -258,6 +258,7 @@ pub use stub::run_windows_sandbox_legacy_preflight;

 #[cfg(target_os = "windows")]
 mod windows_impl {
+    use super::ProtectedMetadataTarget;
    use super::acl::add_allow_ace;
    use super::acl::add_deny_write_ace;
    use super::acl::allow_null_device;
@@ -350,6 +351,7 @@ mod windows_impl {
            env_map,
            timeout_ms,
            &[],
+            &[],
            use_private_desktop,
        )
    }
@@ -364,6 +366,7 @@ mod windows_impl {
        mut env_map: HashMap<String, String>,
        timeout_ms: Option<u64>,
        additional_deny_write_paths: &[PathBuf],
+        _protected_metadata_targets: &[ProtectedMetadataTarget],
        use_private_desktop: bool,
    ) -> Result<CaptureResult> {
        let common = prepare_legacy_spawn_context(