diff --git a/codex-cli/src/utils/agent/sandbox/macos-seatbelt.ts b/codex-cli/src/utils/agent/sandbox/macos-seatbelt.ts
index 03174582..77f7216f 100644
--- a/codex-cli/src/utils/agent/sandbox/macos-seatbelt.ts
+++ b/codex-cli/src/utils/agent/sandbox/macos-seatbelt.ts
@@ -3,6 +3,7 @@ import type { SpawnOptions } from "child_process";
 
 import { exec } from "./raw-exec.js";
 import { log } from "../log.js";
+import { realpathSync } from "fs";
 import { CONFIG_DIR } from "src/utils/config.js";
 
 function getCommonRoots() {
@@ -29,7 +30,9 @@ export function execWithSeatbelt(
     const { policies, params } = writableRoots
       .map((root, index) => ({
         policy: `(subpath (param "WRITABLE_ROOT_${index}"))`,
-        param: `-DWRITABLE_ROOT_${index}=${root}`,
+        // the kernel resolves symlinks before handing them to seatbelt for checking
+        // so store the canonicalized form in the policy to be compared against
+        param: `-DWRITABLE_ROOT_${index}=${realpathSync(root)}`,
       }))
       .reduce(
         (