fix: remove existing process hardening from Codex CLI (#8951)

As explained in https://github.com/openai/codex/issues/8945 and https://github.com/openai/codex/issues/8472, there are legitimate cases where users expect processes spawned by Codex to inherit environment variables such as `LD_LIBRARY_PATH` and `DYLD_LIBRARY_PATH`, where failing to do so can cause significant performance issues. This PR removes the use of `codex_process_hardening::pre_main_hardening()` in Codex CLI (which was added not in response to a known security issue, but because it seemed like a prudent thing to do from a security perspective: https://github.com/openai/codex/pull/4521), but we will continue to use it in `codex-responses-api-proxy`. At some point, we probably want to introduce a slightly different version of `codex_process_hardening::pre_main_hardening()` in Codex CLI that excludes said environment variables from the Codex process itself, but continues to propagate them to subprocesses.
2026-01-08 21:19:34 -08:00 · 2026-01-08 21:19:34 -08:00 · d3ff668f68
commit d3ff668f68
parent 81caee3400
3 changed files with 0 additions and 12 deletions
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@ -1156,7 +1156,6 @@ dependencies = [
 "codex-execpolicy",
 "codex-login",
 "codex-mcp-server",
- "codex-process-hardening",
 "codex-protocol",
 "codex-responses-api-proxy",
 "codex-rmcp-client",
@ -1166,7 +1165,6 @@ dependencies = [
 "codex-utils-absolute-path",
 "codex-utils-cargo-bin",
 "codex-windows-sandbox",
- "ctor 0.5.0",
 "libc",
 "owo-colors",
 "predicates",
--- a/codex-rs/cli/Cargo.toml
+++ b/codex-rs/cli/Cargo.toml
@ -30,7 +30,6 @@ codex-exec = { workspace = true }
 codex-execpolicy = { workspace = true }
 codex-login = { workspace = true }
 codex-mcp-server = { workspace = true }
-codex-process-hardening = { workspace = true }
 codex-protocol = { workspace = true }
 codex-responses-api-proxy = { workspace = true }
 codex-rmcp-client = { workspace = true }
@ -38,7 +37,6 @@ codex-stdio-to-uds = { workspace = true }
 codex-tui = { workspace = true }
 codex-tui2 = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
-ctor = { workspace = true }
 libc = { workspace = true }
 owo-colors = { workspace = true }
 regex-lite = { workspace = true }
--- a/codex-rs/cli/src/main.rs
+++ b/codex-rs/cli/src/main.rs
@ -418,14 +418,6 @@ fn stage_str(stage: codex_core::features::Stage) -> &'static str {
    }
 }

-/// As early as possible in the process lifecycle, apply hardening measures. We
-/// skip this in debug builds to avoid interfering with debugging.
-#[ctor::ctor]
-#[cfg(not(debug_assertions))]
-fn pre_main_hardening() {
-    codex_process_hardening::pre_main_hardening();
-}
-
 fn main() -> anyhow::Result<()> {
    arg0_dispatch_or_else(|codex_linux_sandbox_exe| async move {
        cli_main(codex_linux_sandbox_exe).await?;