Promote Windows Sandbox by iceweasel-oai · Pull Request #11341 · openai/codex

iceweasel-oai · 2026-02-10T18:39:15Z

Move Windows Sandbox NUX to right after trust directory screen
Don't offer read-only as an option in Sandbox NUX. Elevated/Legacy/Quit
Don't allow new untrusted directories. It's trust or quit
move experimental sandbox features to [windows] sandbox="elevated|unelevatd"
Copy tweaks = elevated -> default, non-elevated -> non-admin

dylan-hurd-oai

Some light things to discuss but nothing hugely blocking

codex-rs/core/src/config/edit.rs

dylan-hurd-oai · 2026-02-10T21:24:27Z

codex-rs/core/src/features.rs

+        apply_windows_sandbox_mode(
+            &mut features,
+            resolve_windows_sandbox_mode(cfg, config_profile),
+        );


should we really be potentially mutating the config every time we load it? I see the reasoning for resolving to a healthy config but curious if this is the right way to do so

gonna clean this up so we don't ever rely on the old features. This doesn't write the config to disk, but it's still a bit wonky

dylan-hurd-oai · 2026-02-10T21:36:24Z

codex-rs/tui/src/app_event.rs


+    /// Begin the non-elevated Windows sandbox setup flow.
+    #[cfg_attr(not(target_os = "windows"), allow(dead_code))]
+    BeginWindowsSandboxLegacySetup {


We refer to this as non-admin in the product but Legacy in the code - should we standardize? wasn't obvious to me

we should. I just wanna do it in a follow-up since Legacy probably appears in a bunch of places (including metrics tags, etc.)

dylan-hurd-oai · 2026-02-10T21:37:32Z

codex-rs/tui/src/chatwidget.rs

            },
            SelectionItem {
-                name: stay_label,
+                name: "Use non-admin sandbox (higher risk if prompt injected)".to_string(),


Will we have already shown the user the warning in this case? Do we need the parentheses here? Also Use the

this is the first time they are seeing really anything about sandbox modes

dylan-hurd-oai · 2026-02-10T21:39:39Z

codex-rs/tui/src/chatwidget.rs

        lines.push(line![""]);
        lines.push(line![
-            "Elevation failed. You can also use a non-elevated sandbox, which protects your files and prevents network access under most circumstances. However, it carries greater risk if prompt injected."
+            "You can still use Codex in a non-admin sandbox. It carries greater risk if prompt injected."


Why remove which protects your files and prevents network access under most circumstances. ?

I think we might want to bring that back. Will discuss

codex-rs/tui/src/chatwidget.rs

dylan-hurd-oai · 2026-02-10T21:42:07Z

codex-rs/tui/src/lib.rs

    {
        tracing::warn!(error = %err, "failed to run personality migration");
    }
-


dylan-hurd-oai

One final comment about naming, LTGM after we fix CI!

dylan-hurd-oai · 2026-02-11T01:19:13Z

codex-rs/core/src/config/mod.rs

-        let windows_sandbox_level = WindowsSandboxLevel::from_features(&features);
+        let windows_sandbox_level = match windows_sandbox_mode {
+            Some(WindowsSandboxModeToml::Elevated) => WindowsSandboxLevel::Elevated,
+            Some(WindowsSandboxModeToml::Unelevated) => WindowsSandboxLevel::RestrictedToken,


WindowsSandboxModeToml and WindowsSandboxLevel feel mismatched - should we rename to WindowsSandboxLevelToml?

iceweasel-oai changed the title ~~Dev/iceweasel/promote sandbox nux~~ Promote Windows Sandbox Feb 10, 2026

iceweasel-oai requested a review from dylan-hurd-oai February 10, 2026 19:32

iceweasel-oai added 11 commits February 10, 2026 12:19

move sandbox NUX up to CLI startup

c2def81

move sandbox config to [windows], no longer experimental

07ca8b3

copy and flow updates

5a75d6d

fix override bug

489c067

cargo fmt

6604cd8

small refactor for legacy keys

172c689

cargo fmt

2cdc62a

fix snapshots

334adab

fix clippy issues

1953000

clippy fix

450daa8

fix snapshot tests.

ccdf8bc

iceweasel-oai force-pushed the dev/iceweasel/promote-sandbox-nux branch from e1fd473 to ccdf8bc Compare February 10, 2026 20:19

dylan-hurd-oai reviewed Feb 10, 2026

View reviewed changes

iceweasel-oai added 2 commits February 10, 2026 16:13

always use new config values. address review comments.

e1df2b3

cargo fmt

c955830

dylan-hurd-oai approved these changes Feb 11, 2026

View reviewed changes

update structs.

ff4a747

iceweasel-oai merged commit 87279de into main Feb 11, 2026
32 checks passed

iceweasel-oai deleted the dev/iceweasel/promote-sandbox-nux branch February 11, 2026 19:48

github-actions bot locked and limited conversation to collaborators Feb 11, 2026

Conversation

iceweasel-oai commented Feb 10, 2026

Uh oh!

dylan-hurd-oai left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

dylan-hurd-oai Feb 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

iceweasel-oai Feb 10, 2026 • edited by dylan-hurd-oai Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

dylan-hurd-oai left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dylan-hurd-oai Feb 10, 2026 •

edited

Loading

iceweasel-oai Feb 10, 2026 •

edited by dylan-hurd-oai

Loading

dylan-hurd-oai left a comment •

edited

Loading