Allow running without a sandbox if the user has explicitly marked the environment as already being sufficiently locked-down.

[doggy8088]

This pull request modifies the sandbox selection logic in the getSandbox function to prioritize a new environment variable, CODEX_UNSAFE_ALLOW_NO_SANDBOX, for improved flexibility in sandbox behavior. The most important changes include reordering condition checks and removing redundant code.

Sandbox logic updates:

• codex-cli/src/utils/agent/handle-exec-command.ts: Added a condition to prioritize the CODEX_UNSAFE_ALLOW_NO_SANDBOX environment variable, allowing users to explicitly disable sandboxing if they have ensured a secure environment. This condition now appears before the macOS-specific sandbox logic.

[WesHacixo]

This sounds like a really unreasoned approach.

[christophkogler]

dupe of #996

The change seems fine to me. The purpose of the flag is to allow skipping codex sandboxing (useful in an already locked down environment), and it explicitly describes itself as unsafe. Current logic checks the flag to allow skipping sandboxing, but only for platforms except Darwin and Linux. When running in 'dangerous' modes of operation, it tries to sandbox those platforms regardless of the flag.

[codex-maintainers]

Thanks for the contribution! We're primarily focused on the native/Rust implementation of Codex CLI and would love to see if this is still an issue on the latest version. If it is, we're happy to take a look at a PR to the codex-rs/ implementation.