clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-26 07:35:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

allow elevated sandbox to be enabled without base experimental flag (#10028)

Browse Source 
elevated flag = elevated sandbox
experimental flag = non-elevated sandbox
both = elevated
This commit is contained in:
iceweasel-oai
2026-01-28 11:38:29 -08:00
committed by GitHub
parent b7edeee8ca
commit 66de985e4e
5 changed files with 90 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
codex-rs/cli/src/debug_sandbox.rs
View File

@@ -136,7 +136,8 @@ async fn run_command_under_sandbox(
if let SandboxType::Windows = sandbox_type {
#[cfg(target_os = "windows")]
{
use codex_core::features::Feature;
use codex_core::windows_sandbox::WindowsSandboxLevelExt;
use codex_protocol::config_types::WindowsSandboxLevel;
use codex_windows_sandbox::run_windows_sandbox_capture;
use codex_windows_sandbox::run_windows_sandbox_capture_elevated;
@@ -147,8 +148,10 @@ async fn run_command_under_sandbox(
let env_map = env.clone();
let command_vec = command.clone();
let base_dir = config.codex_home.clone();
let use_elevated = config.features.enabled(Feature::WindowsSandbox)
&& config.features.enabled(Feature::WindowsSandboxElevated);
let use_elevated = matches!(
WindowsSandboxLevel::from_config(&config),
WindowsSandboxLevel::Elevated
);
// Preflight audit is invoked elsewhere at the appropriate times.
let res = tokio::task::spawn_blocking(move || {