Run exec-server fs operations through sandbox helper (#17294)

## Summary - run exec-server filesystem RPCs requiring sandboxing through a `codex-fs` arg0 helper over stdin/stdout - keep direct local filesystem execution for `DangerFullAccess` and external sandbox policies - remove the standalone exec-server binary path in favor of top-level arg0 dispatch/runtime paths - add sandbox escape regression coverage for local and remote filesystem paths ## Validation - `just fmt` - `git diff --check` - remote devbox: `cd codex-rs && bazel test --bes_backend= --bes_results_url= //codex-rs/exec-server:all` (6/6 passed) --------- Co-authored-by: Codex <noreply@openai.com>
2026-05-02 18:37:01 +00:00 · 2026-04-12 18:36:03 -07:00
parent 7c1e41c8b6
commit d626dc3895
52 changed files with 2313 additions and 895 deletions
--- a/codex-rs/core/src/project_doc.rs
+++ b/codex-rs/core/src/project_doc.rs
@@ -169,14 +169,14 @@ async fn read_project_docs_with_fs(
            break;
        }

-        match fs.get_metadata(&p).await {
+        match fs.get_metadata(&p, /*sandbox*/ None).await {
            Ok(metadata) if !metadata.is_file => continue,
            Ok(_) => {}
            Err(err) if err.kind() == io::ErrorKind::NotFound => continue,
            Err(err) => return Err(err),
        }

-        let mut data = match fs.read_file(&p).await {
+        let mut data = match fs.read_file(&p, /*sandbox*/ None).await {
            Ok(data) => data,
            Err(err) if err.kind() == io::ErrorKind::NotFound => continue,
            Err(err) => return Err(err),
@@ -249,7 +249,7 @@ pub async fn discover_project_doc_paths(
        for ancestor in dir.ancestors() {
            for marker in &project_root_markers {
                let marker_path = AbsolutePathBuf::try_from(ancestor.join(marker))?;
-                let marker_exists = match fs.get_metadata(&marker_path).await {
+                let marker_exists = match fs.get_metadata(&marker_path, /*sandbox*/ None).await {
                    Ok(_) => true,
                    Err(err) if err.kind() == io::ErrorKind::NotFound => false,
                    Err(err) => return Err(err),
@@ -289,7 +289,7 @@ pub async fn discover_project_doc_paths(
    for d in search_dirs {
        for name in &candidate_filenames {
            let candidate = d.join(name);
-            match fs.get_metadata(&candidate).await {
+            match fs.get_metadata(&candidate, /*sandbox*/ None).await {
                Ok(md) if md.is_file => {
                    found.push(candidate);
                    break;