valknar/llmx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

reject dangerous commands for AskForApproval::Never (#4307)

Browse Source 
If we detect a dangerous command but approval_policy is Never, simply
reject the command.
This commit is contained in:
iceweasel-oai
2025-09-26 14:08:28 -07:00
committed by GitHub
parent 1fba99ed85
commit 55801700de
1 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
codex-rs/core/src/safety.rs
View File

@@ -89,8 +89,15 @@ pub fn assess_command_safety(
) -> SafetyCheck { ) -> SafetyCheck {
// Some commands look dangerous. Even if they are run inside a sandbox, // Some commands look dangerous. Even if they are run inside a sandbox,
// unless the user has explicitly approved them, we should ask, // unless the user has explicitly approved them, we should ask,
// regardless of the approval policy and sandbox policy. // or reject if the approval_policy tells us not to ask.
if command_might_be_dangerous(command) && !approved.contains(command) { if command_might_be_dangerous(command) && !approved.contains(command) {
if approval_policy == AskForApproval::Never {
return SafetyCheck::Reject {
reason: "dangerous command detected; rejected by user approval settings"
.to_string(),
};
}
return SafetyCheck::AskUser; return SafetyCheck::AskUser;
} }
@@ -376,7 +383,13 @@ mod tests {
request_escalated_privileges, request_escalated_privileges,
); );
assert_eq!(safety_check, SafetyCheck::AskUser); assert_eq!(
safety_check,
SafetyCheck::Reject {
reason: "dangerous command detected; rejected by user approval settings"
.to_string(),
}
);
} }
#[test] #[test]