Skip to content

Use Windows setup marker as completion signal#26074

Merged
abhinav-oai merged 9 commits into
mainfrom
abhinav/windows-sandbox-marker-completion
Jun 3, 2026
Merged

Use Windows setup marker as completion signal#26074
abhinav-oai merged 9 commits into
mainfrom
abhinav/windows-sandbox-marker-completion

Conversation

@abhinav-oai

@abhinav-oai abhinav-oai commented Jun 3, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

Why

When an organization requires the elevated Windows sandbox, Codex launches an elevated helper to provision users, configure firewall and ACL rules, and lock persistent sandbox directories.

We observed that closing the helper after setup started could leave the machine partially initialized while the TUI still announced Sandbox ready. Model-only turns continued to work, but the first shell command retried setup and failed with Windows cancellation error 1223.

This was not an enforcement bypass; command execution continued to fail closed. The issue was a false readiness signal: setup_marker.json was written during user provisioning, before the remaining setup stages had completed.

What

Treat setup_marker.json as the commit record for Windows sandbox setup:

  1. Before full or provisioning setup begins, remove the existing marker and create the final marker path with a protected ACL.
  2. Keep the marker empty and therefore invalid while setup is in progress. Sandbox users cannot read, modify, or replace it.
  3. Run every synchronous setup stage.
  4. After setup succeeds, write the valid marker contents without changing its ACL.
  5. After the helper exits successfully, verify the existing readiness check before enabling the sandbox.

If setup is canceled or fails, the marker remains invalid and Codex reports setup as incomplete instead of announcing readiness.

Refresh-only and read-ACL-only helper runs continue to leave the marker untouched. The setup version remains 5 to avoid forcing all existing Windows users through elevated setup again.

Verification

  • Added coverage confirming sandbox users cannot read or modify the setup marker after elevated setup.
  • Added coverage confirming a successful helper exit without complete setup artifacts is rejected.
  • Ran just test -p codex-windows-sandbox.

@abhinav-oai abhinav-oai marked this pull request as ready for review June 3, 2026 07:02
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Jun 3, 2026
View reviewed changes

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 21cce60ea3

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread codex-rs/windows-sandbox-rs/src/bin/setup_main/win/sandbox_users.rs
Comment thread codex-rs/windows-sandbox-rs/src/bin/setup_main/win/sandbox_users.rs Outdated
Comment thread codex-rs/windows-sandbox-rs/src/bin/setup_main/win.rs Outdated
@abhinav-oai abhinav-oai requested a review from a team as a code owner June 3, 2026 07:26
@abhinav-oai

abhinav-oai commented Jun 3, 2026

Copy link
Copy Markdown
Collaborator Author

@codex review again

chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Jun 3, 2026
View reviewed changes

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 59eeb54a26

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread codex-rs/windows-sandbox-rs/src/bin/setup_main/win/sandbox_users.rs Outdated
iceweasel-oai
iceweasel-oai requested changes Jun 3, 2026
View reviewed changes
Comment thread codex-rs/windows-sandbox-rs/src/bin/setup_main/win/sandbox_users.rs Outdated
Comment thread codex-rs/windows-sandbox-rs/src/setup.rs Outdated
@abhinav-oai abhinav-oai requested a review from iceweasel-oai June 3, 2026 20:44
@abhinav-oai abhinav-oai merged commit 0ed2735 into main Jun 3, 2026
31 checks passed
@abhinav-oai abhinav-oai deleted the abhinav/windows-sandbox-marker-completion branch June 3, 2026 22:33
@github-actions github-actions Bot locked and limited conversation to collaborators Jun 3, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@iceweasel-oai iceweasel-oai iceweasel-oai approved these changes

@sayan-oai sayan-oai sayan-oai approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@abhinav-oai @iceweasel-oai @sayan-oai