openai · iceweasel-oai · Oct 7, 2025 · Oct 8, 2025 · Oct 8, 2025 · Oct 8, 2025
diff --git a/codex-rs/Cargo.lock b/codex-rs/Cargo.lock
diff --git a/codex-rs/Cargo.toml b/codex-rs/Cargo.toml
@@ -17,6 +17,7 @@ members = [
     "file-search",
     "git-tooling",
     "linux-sandbox",
+    "windows-sandbox",
     "login",
     "mcp-client",
     "mcp-server",
@@ -59,6 +60,7 @@ codex-exec = { path = "exec" }
 codex-file-search = { path = "file-search" }
 codex-git-tooling = { path = "git-tooling" }
 codex-linux-sandbox = { path = "linux-sandbox" }
+codex-windows-sandbox = { path = "windows-sandbox" }
 codex-login = { path = "login" }
 codex-mcp-client = { path = "mcp-client" }
 codex-mcp-server = { path = "mcp-server" }
@@ -189,6 +191,15 @@ webbrowser = "1.0"
 which = "6"
 wildmatch = "2.5.0"
 wiremock = "0.6"
+windows = { version = "0.61.3", default-features = false, features = [
+    "Win32_Foundation",
+    "Win32_Security",
+    "Win32_Security_Authorization",
+    "Win32_Security_Isolation",
+    "Win32_Storage_FileSystem",
+    "Win32_System_Memory",
+    "Win32_System_Threading",
+] }
 zeroize = "1.8.1"
 
 [workspace.lints]

diff --git a/codex-rs/windows-sandbox/Cargo.toml b/codex-rs/windows-sandbox/Cargo.toml
@@ -0,0 +1,28 @@
+[package]
+edition = "2024"
+name = "codex-windows-sandbox"
+version = { workspace = true }
+
+[[bin]]
+name = "codex-windows-sandbox"
+path = "src/main.rs"
+
+[lib]
+name = "codex_windows_sandbox"
+path = "src/lib.rs"
+
+[lints]
+workspace = true
+
+[target.'cfg(target_os = "windows")'.dependencies]
+clap = { workspace = true, features = ["derive"] }
+codex-protocol = { workspace = true }
+tokio = { workspace = true, features = ["process", "rt", "rt-multi-thread"] }
+tracing = { workspace = true }
+windows = { workspace = true }
+
+[target.'cfg(target_os = "windows")'.dependencies.serde_json]
+workspace = true
+
+[target.'cfg(target_os = "windows")'.dependencies.serde]
+workspace = true
diff --git a/codex-rs/windows-sandbox/README.md b/codex-rs/windows-sandbox/README.md
@@ -0,0 +1,4 @@
+# codex-windows-sandbox
+
+A standalone helper executable that can launch commands inside a Windows AppContainer
+sandbox using the same `SandboxPolicy` JSON representation used across Codex.
diff --git a/codex-rs/windows-sandbox/src/lib.rs b/codex-rs/windows-sandbox/src/lib.rs
@@ -0,0 +1,10 @@
+#[cfg(target_os = "windows")]
+mod windows_appcontainer;
+
+#[cfg(target_os = "windows")]
+pub use windows_appcontainer::run_main;
+
+#[cfg(not(target_os = "windows"))]
+pub fn run_main() -> ! {
+    panic!("codex-windows-sandbox is only supported on Windows");
+}
diff --git a/codex-rs/windows-sandbox/src/main.rs b/codex-rs/windows-sandbox/src/main.rs
@@ -0,0 +1,3 @@
+fn main() -> ! {
+    codex_windows_sandbox::run_main()
+}