Sandbox for Codex on Windows: how we achieved security

Friends, I’d like to share from the OpenAI ecosystem: I implemented a sandbox for Codex on Windows.
The gist: standard Windows tools (AppContainer, Windows Sandbox, MIC) were unsuitable. The initial unelevated prototype used synthetic SIDs, write-restricted tokens and a network-suppression environment — it worked, but network restrictions were unreliable and ACL changes were costly.
Solution: with a one-time admin install we create CodexSandboxOnline/Offline users, configure firewall rules and run commands via a separate runner with a limited token. This provides reliable network isolation and controllable write privileges.
Why it matters: Codex remains useful and safe in real-world workflows.
What trade-offs in a Windows sandbox do you consider acceptable?
#OpenAI #Codex #Windows #cybersecurity


Latest comments
No comments yet.