
Enforce preserved path names in Seatbelt #19847

Draft
evawong-oai wants to merge 1 commit into codex/bugb15632-policy-primitive from codex/bugb15632-seatbelt-preserved-paths

Conversation


@evawong-oai evawong-oai commented Apr 27, 2026

Summary

Teach the macOS Seatbelt sandbox to enforce preserved path names that come from the shared policy primitive.

Scope

  1. Thread preserved_path_names into Seatbelt access roots.
  2. Emit sandbox rules that deny creating or replacing preserved path components under writable roots.
  3. Add coverage for first-time creation attempts and read-only carveouts.

Reviewer Focus

  1. This PR only covers the macOS sandbox path.
  2. The preserved names are supplied by policy rather than hard-coded in command preflight.
  3. Read-only subpath carveouts and preserved name checks should compose cleanly.

Stack

  1. Policy primitive: Add preserved path policy primitive #19846
  2. macOS Seatbelt enforcement: this PR
  3. Shell preflight: Add preserved path shell preflight #19848
  4. Runtime permission propagation: Propagate runtime permission profiles #19849
  5. Linux bubblewrap enforcement: Enforce preserved path names in Linux sandbox #19852

Validation

  1. Focused Seatbelt tests passed locally.
  2. Formatter passed locally.
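The rule composition the Scope list describes (writable roots, read-only subpath carveouts, and preserved path names denied under every writable root), as an added example written for this page and not the Codex project's own code. The SBPL operation and filter names (`file-write*`, `subpath`, `literal`) are real; the rule layout, the reliance on later rules overriding earlier ones, and the sample root and names are assumptions.

```python
"""Compose an SBPL (Seatbelt) file-write policy from writable roots,
read-only subpath carveouts and preserved path names.

Added example for this page, not the Codex project's implementation.
`file-write*`, `subpath` and `literal` are real SBPL names; the rule
layout and the reliance on later rules overriding earlier ones are
assumptions about how such a profile would be arranged."""
from dataclasses import dataclass, field
from pathlib import PurePosixPath


def sbpl_quote(path: str) -> str:
    """Quote a path as an SBPL string literal, escaping backslashes and quotes."""
    return '"' + path.replace("\\", "\\\\").replace('"', '\\"') + '"'


@dataclass
class WritePolicy:
    writable_roots: list[str]
    read_only_subpaths: list[str] = field(default_factory=list)
    preserved_path_names: list[str] = field(default_factory=list)

    def validate(self) -> None:
        """A preserved name must be a single path component, never a path."""
        for name in self.preserved_path_names:
            if not name or "/" in name or name in (".", ".."):
                raise ValueError(f"invalid preserved path name: {name!r}")

    def rules(self) -> list[str]:
        self.validate()
        out: list[str] = []
        for root in self.writable_roots:
            out.append(f"(allow file-write* (subpath {sbpl_quote(root)}))")
        # Denies are emitted after the allow so they take precedence
        # (assumption: a later matching SBPL rule overrides an earlier one).
        for ro in self.read_only_subpaths:
            out.append(f"(deny file-write* (subpath {sbpl_quote(ro)}))")
        # Under every writable root, deny creating, replacing or removing an
        # entry with a preserved name; file-write* covers create/unlink/rename.
        for root in self.writable_roots:
            for name in self.preserved_path_names:
                target = str(PurePosixPath(root) / name)
                out.append(f"(deny file-write* (literal {sbpl_quote(target)}))")
        return out

    def profile(self) -> str:
        return "(version 1)\n" + "\n".join(self.rules()) + "\n"


# Constructed sample: a repo root with a read-only .git and two preserved names.
SAMPLE = WritePolicy(["/work/repo"], ["/work/repo/.git"], [".git", "AGENTS.md"])
```

Because the preserved-name denies are literal rules on each root, a read-only carveout that already covers the same entry simply produces a redundant deny rather than a conflict, which is the composition property the Reviewer Focus list asks about.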

@evawong-oai evawong-oai force-pushed the codex/bugb15632-policy-primitive branch from 82c9632 to 1bbee67 April 27, 2026 18:31
@evawong-oai evawong-oai force-pushed the codex/bugb15632-seatbelt-preserved-paths branch 2 times, most recently from fe774aa to 017761a April 27, 2026 18:40
@evawong-oai evawong-oai force-pushed the codex/bugb15632-policy-primitive branch from 1bbee67 to 3353479 April 27, 2026 18:40
@evawong-oai evawong-oai force-pushed the codex/bugb15632-seatbelt-preserved-paths branch from 017761a to 613fe13 April 27, 2026 18:55
@evawong-oai evawong-oai force-pushed the codex/bugb15632-policy-primitive branch from 0cfa95f to a99da8c April 27, 2026 19:07
@evawong-oai evawong-oai force-pushed the codex/bugb15632-seatbelt-preserved-paths branch from 613fe13 to 6e4de4c April 27, 2026 19:07
@evawong-oai evawong-oai force-pushed the codex/bugb15632-policy-primitive branch from a99da8c to 5b59ee3 April 27, 2026 19:48
@evawong-oai evawong-oai force-pushed the codex/bugb15632-seatbelt-preserved-paths branch 2 times, most recently from 0b8c428 to 6541b90 April 27, 2026 20:52
@evawong-oai evawong-oai force-pushed the codex/bugb15632-policy-primitive branch 2 times, most recently from 01771db to 11fa852 April 27, 2026 21:14
@evawong-oai evawong-oai force-pushed the codex/bugb15632-seatbelt-preserved-paths branch from 6541b90 to c2bf30f April 27, 2026 21:14
@evawong-oai evawong-oai force-pushed the codex/bugb15632-policy-primitive branch from 11fa852 to ab4b378 April 27, 2026 22:21
@evawong-oai evawong-oai force-pushed the codex/bugb15632-seatbelt-preserved-paths branch from c2bf30f to 5e3f0d4 April 27, 2026 22:21