escalating permissions

codex-rs/core/src/tasks/user_shell.rs

@@ -82,7 +82,7 @@ impl SessionTask for UserShellCommandTask {
             command: shell_invocation,
             workdir: None,
             timeout_ms: None,
-            with_escalated_permissions: None,
+            with_escalated_permissions: Some(true),
             justification: None,
         };
 

codex-rs/core/src/tools/handlers/shell.rs

@@ -219,6 +219,7 @@ impl ShellHandler {
             env: exec_params.env.clone(),
             with_escalated_permissions: exec_params.with_escalated_permissions,
             justification: exec_params.justification.clone(),
+            is_user_shell_command,
         };
         let mut orchestrator = ToolOrchestrator::new();
         let mut runtime = ShellRuntime::new();

codex-rs/core/src/tools/runtimes/shell.rs

@@ -34,6 +34,7 @@ pub struct ShellRequest {
     pub env: std::collections::HashMap<String, String>,
     pub with_escalated_permissions: Option<bool>,
     pub justification: Option<String>,
+    pub is_user_shell_command: bool,
 }
 
 impl ProvidesSandboxRetryData for ShellRequest {
@@ -121,6 +122,9 @@ impl Approvable<ShellRequest> for ShellRuntime {
         policy: AskForApproval,
         sandbox_policy: &SandboxPolicy,
     ) -> bool {
+        if req.is_user_shell_command {
+            return false;
+        }
         if is_known_safe_command(&req.command) {
             return false;
         }