core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

reject dangerous commands for AskForApproval::Never (#4307)

Browse source 
If we detect a dangerous command but approval_policy is Never, simply
reject the command.
This commit is contained in:
iceweasel-oai 2025-09-26 14:08:28 -07:00 committed by GitHub
parent 1fba99ed85
commit 55801700de
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 15 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
codex-rs/core/src/safety.rs
View file

@ -89,8 +89,15 @@ pub fn assess_command_safety(
) -> SafetyCheck {
// Some commands look dangerous. Even if they are run inside a sandbox,
// unless the user has explicitly approved them, we should ask,
// regardless of the approval policy and sandbox policy.
// or reject if the approval_policy tells us not to ask.
if command_might_be_dangerous(command) && !approved.contains(command) {
if approval_policy == AskForApproval::Never {
return SafetyCheck::Reject {
reason: "dangerous command detected; rejected by user approval settings"
.to_string(),
};
}
return SafetyCheck::AskUser;
}
@ -376,7 +383,13 @@ mod tests {
request_escalated_privileges,
);
assert_eq!(safety_check, SafetyCheck::AskUser);
assert_eq!(
safety_check,
SafetyCheck::Reject {
reason: "dangerous command detected; rejected by user approval settings"
.to_string(),
}
);
}
#[test]