viyatb-oai d40454522e [codex] Allow socketpair in proxy-routed Linux sandbox (#26625)
## Summary

- allow `socketpair(AF_UNIX, ...)` in the proxy-routed Linux seccomp
mode
- continue denying `socket(AF_UNIX, ...)` so user commands cannot create
pathname or abstract Unix sockets
- extend the managed-proxy integration test to verify both behaviors

## Root cause

`NetworkSeccompMode::ProxyRouted` treated anonymous Unix socket pairs
like externally addressable Unix sockets and returned `EPERM`. This
breaks tools that use socket pairs for local child-process IPC even
though a socket pair cannot connect outside the sandbox or bypass the
routed proxy.

`dangerously_allow_all_unix_sockets` controls Unix-socket requests
forwarded by the managed network proxy; it does not currently configure
the Linux seccomp filter. Socket pairs should not require that dangerous
setting because they are unnamed, process-local IPC.

Related but independent: #26553 fixes host proxy bridge socket path
length handling.

---------

Co-authored-by: Codex <noreply@openai.com>
d40454522e · 2026-06-05 09:34:36 -07:00
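
An added example, not part of the commit or the project's code: a minimal C seccomp-BPF filter that reproduces the two behaviours the summary lists, `socketpair(AF_UNIX, ...)` allowed and `socket(AF_UNIX, ...)` refused with `EPERM`. The names `install_filter` and `probe_policy` are hypothetical, and the filter assumes a 64-bit little-endian Linux target where `socket` is a direct syscall.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <unistd.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>

/* Simplified stand-in for the policy described above (not the project's filter):
 * socket(AF_UNIX, ...) fails with EPERM; everything else, socketpair included,
 * is allowed. A production filter must also validate seccomp_data.arch first. */
static int install_filter(void) {
    struct sock_filter insns[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_socket, 0, 3), /* not socket: allow */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, args[0])),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AF_UNIX, 0, 1),     /* other domain: allow */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof insns / sizeof insns[0], .filter = insns };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Runs the probe in a child so the filter never applies to the caller.
 * Returns -1 if seccomp is unavailable, else bit 0 = socketpair worked,
 * bit 1 = socket(AF_UNIX) was refused with EPERM. */
int probe_policy(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        int sv[2], result = 0;
        if (install_filter() != 0) _exit(255);
        if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == 0) result |= 1;
        if (socket(AF_UNIX, SOCK_STREAM, 0) == -1 && errno == EPERM) result |= 2;
        _exit(result);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
}

int main(void) {
    printf("probe_policy() = %d (3 means both behaviours hold)\n", probe_policy());
    return 0;
}
```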