openai · etraut-openai · Apr 3, 2026 · Apr 3, 2026 · Apr 3, 2026 · Apr 3, 2026
diff --git a/codex-rs/process-hardening/README.md b/codex-rs/process-hardening/README.md
@@ -4,4 +4,5 @@ This crate provides `pre_main_hardening()`, which is designed to be called pre-`
 
 - disabling core dumps
 - disabling ptrace attach on Linux and macOS
-- removing dangerous environment variables such as `LD_PRELOAD` and `DYLD_*`
+- removing dangerous or noisy environment variables such as `LD_PRELOAD`,
+  `DYLD_*`, and macOS malloc stack-logging controls
diff --git a/codex-rs/process-hardening/src/lib.rs b/codex-rs/process-hardening/src/lib.rs
@@ -8,7 +8,8 @@ use std::os::unix::ffi::OsStrExt;
 /// various process hardening steps, such as
 /// - disabling core dumps
 /// - disabling ptrace attach on Linux and macOS.
-/// - removing dangerous environment variables such as LD_PRELOAD and DYLD_*
+/// - removing dangerous or noisy environment variables such as LD_PRELOAD,
+///   DYLD_*, and macOS malloc stack-logging controls
 pub fn pre_main_hardening() {
     #[cfg(any(target_os = "linux", target_os = "android"))]
     pre_main_hardening_linux();
@@ -57,26 +58,15 @@ pub(crate) fn pre_main_hardening_linux() {
 
     // Official Codex releases are MUSL-linked, which means that variables such
     // as LD_PRELOAD are ignored anyway, but just to be sure, clear them here.
-    let ld_keys = env_keys_with_prefix(std::env::vars_os(), b"LD_");
-
-    for key in ld_keys {
-        unsafe {
-            std::env::remove_var(key);
-        }
-    }
+    remove_env_vars_with_prefix(b"LD_");
 }
 
 #[cfg(any(target_os = "freebsd", target_os = "openbsd"))]
 pub(crate) fn pre_main_hardening_bsd() {
     // FreeBSD/OpenBSD: set RLIMIT_CORE to 0 and clear LD_* env vars
     set_core_file_size_limit_to_zero();
 
-    let ld_keys = env_keys_with_prefix(std::env::vars_os(), b"LD_");
-    for key in ld_keys {
-        unsafe {
-            std::env::remove_var(key);
-        }
-    }
+    remove_env_vars_with_prefix(b"LD_");
 }
 
 #[cfg(target_os = "macos")]
@@ -96,13 +86,13 @@ pub(crate) fn pre_main_hardening_macos() {
 
     // Remove all DYLD_ environment variables, which can be used to subvert
     // library loading.
-    let dyld_keys = env_keys_with_prefix(std::env::vars_os(), b"DYLD_");
+    remove_env_vars_with_prefix(b"DYLD_");
 
-    for key in dyld_keys {
-        unsafe {
-            std::env::remove_var(key);
-        }
-    }
+    // Remove macOS malloc stack-logging controls so allocator diagnostics from
+    // Codex or inherited child processes do not get sprayed into the TUI:
+    // https://github.com/openai/codex/issues/11555
+    remove_env_vars_with_prefix(b"MallocStackLogging");
+    remove_env_vars_with_prefix(b"MallocLogFile");
 }
 
 #[cfg(unix)]
@@ -127,6 +117,15 @@ pub(crate) fn pre_main_hardening_windows() {
     // TODO(mbolin): Perform the appropriate configuration for Windows.
 }
 
+#[cfg(unix)]
+fn remove_env_vars_with_prefix(prefix: &[u8]) {
+    for key in env_keys_with_prefix(std::env::vars_os(), prefix) {
+        unsafe {
+            std::env::remove_var(key);
+        }
+    }
+}
+
 #[cfg(unix)]
 fn env_keys_with_prefix<I>(vars: I, prefix: &[u8]) -> Vec<OsString>
 where