sandboxing: use OsString for SandboxCommand.program (#15897)

## Why

`SandboxCommand.program` represents an executable path, but keeping it
as `String` forced path-backed callers to run `to_string_lossy()` before
the sandbox layer ever touched the command. That loses fidelity earlier
than necessary and adds avoidable conversions in runtimes that already
have a `PathBuf`.

## What changed

- Changed `SandboxCommand.program` to `OsString`.
- Updated `SandboxManager::transform` to keep the program and argv in
`OsString` form until the `SandboxExecRequest` conversion boundary.
- Switched the path-backed `apply_patch` and `js_repl` runtimes to pass
`into_os_string()` instead of `to_string_lossy()`.
- Updated the remaining string-backed builders and tests to match the
new type while preserving the existing Linux helper `arg0` behavior.

## Verification

- `cargo test -p codex-sandboxing`
- `just argument-comment-lint -p codex-core -p codex-sandboxing`
- `cargo test -p codex-core` currently fails in unrelated existing
config tests: `config::tests::approvals_reviewer_*` and
`config::tests::smart_approvals_alias_*`
This commit is contained in:
Michael Bolin
2026-03-26 13:38:33 -07:00
committed by GitHub
parent b23789b770
commit dfb36573cd
8 changed files with 33 additions and 24 deletions


@@ -76,7 +76,7 @@ fn transform_preserves_unrestricted_file_system_policy_for_restricted_network()
let exec_request = manager
.transform(SandboxTransformRequest {
command: SandboxCommand {
program: "true".to_string(),
program: "true".into(),
args: Vec::new(),
cwd: cwd.clone(),
env: HashMap::new(),
@@ -122,7 +122,7 @@ fn transform_additional_permissions_enable_network_for_external_sandbox() {
let exec_request = manager
.transform(SandboxTransformRequest {
command: SandboxCommand {
program: "true".to_string(),
program: "true".into(),
args: Vec::new(),
cwd: cwd.clone(),
env: HashMap::new(),
@@ -181,7 +181,7 @@ fn transform_additional_permissions_preserves_denied_entries() {
let exec_request = manager
.transform(SandboxTransformRequest {
command: SandboxCommand {
program: "true".to_string(),
program: "true".into(),
args: Vec::new(),
cwd: cwd.clone(),
env: HashMap::new(),
@@ -259,7 +259,7 @@ fn transform_linux_seccomp_request(
manager
.transform(SandboxTransformRequest {
command: SandboxCommand {
program: "true".to_string(),
program: "true".into(),
args: Vec::new(),
cwd: cwd.clone(),
env: HashMap::new(),
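Review bot: None of the four updated tests exercises the property the commit message gives as the reason for the type change — a program path that is not valid UTF-8 — since every `program` field in these hunks is still the ASCII literal `"true".into()`, which behaves identically under `String` and `OsString`. A test that builds the program from raw bytes on Unix (`std::os::unix::ffi::OsStringExt::from_vec`) and asserts the same bytes arrive unchanged in the `SandboxExecRequest` produced by `transform` would pin the fidelity claim, which matters because a lossy conversion on the executable name is exactly what a sandbox layer must not perform silently before launching. The same gap applies to all four hunks of this file; one such test would cover it. The enclosing test functions begin outside the shown hunks.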