Skip to content

fix(sandbox): default missing process identity before privilege checks#337

Closed
drew wants to merge 1 commit intoNVIDIA:mainfrom
vincentkoc:codex/propose-fix-for-sandbox-user-validation-issue
Closed

fix(sandbox): default missing process identity before privilege checks#337
drew wants to merge 1 commit intoNVIDIA:mainfrom
vincentkoc:codex/propose-fix-for-sandbox-user-validation-issue

Conversation

@drew
Copy link
Collaborator

@drew drew commented Mar 16, 2026

Motivation

  • A regression allowed policies with missing or empty run_as_user/run_as_group to skip privilege dropping and run sandboxed children as root, weakening isolation.
  • The runtime must ensure the process identity is normalized before any privilege-drop or filesystem ownership operations so a missing identity cannot bypass security checks.

Description

  • Change run_sandbox to retain a mutable policy returned from load_policy and pass a mutable reference into validate_sandbox_user so normalization happens at startup (crates/openshell-sandbox/src/lib.rs).
  • Update validate_sandbox_user signature to accept &mut SandboxPolicy and fill missing or empty process.run_as_user and process.run_as_group with the literal string "sandbox" before verifying the account exists in the image (crates/openshell-sandbox/src/lib.rs).
  • Add two regression unit tests that assert missing and empty process identity fields are populated to sandbox by the validation function (validate_sandbox_user_fills_missing_process_identity and validate_sandbox_user_fills_empty_process_identity in crates/openshell-sandbox/src/lib.rs).
  • Keep existing behavior of failing fast if the sandbox account is absent, preserving the preexisting safety check while preventing noop privilege drops.

Testing

  • Ran the unit tests in the sandbox crate targeting the new checks with cargo test -p openshell-sandbox and verified the new tests validate_sandbox_user_fills_missing_process_identity and validate_sandbox_user_fills_empty_process_identity passed.
  • Ran cargo fmt --all --check which succeeded in this environment.
  • Attempted mise run pre-commit but it could not complete in this environment due to external tool metadata resolution and task discovery failures (environment/network limitation), so pre-commit hooks were not validated here.

Codex Task

@drew drew added integration:aardvark Aardvark integration integration:codex Codex integration labels Mar 16, 2026
@github-actions
Copy link

github-actions bot commented Mar 16, 2026

Thank you for your submission! We ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by adding a comment below using this text:

I have read the DCO document and I hereby sign the DCO.

You can retrigger this bot by commenting recheck in this Pull Request. Posted by the DCO Assistant Lite bot.

@johntmyers johntmyers mentioned this pull request Mar 16, 2026
Closed
@johntmyers
Copy link
Collaborator

johntmyers commented Mar 16, 2026

Closing in favor of consolidated re-implementation. See #350 for tracking.

@johntmyers johntmyers closed this Mar 16, 2026
@johntmyers johntmyers mentioned this pull request Mar 16, 2026
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

integration:aardvark Aardvark integration integration:codex Codex integration

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@drew @johntmyers @vincentkoc