mrtoth/agent-sandbox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Let --rw override --ro on a child path by emitting ro binds first

Browse Source
This commit is contained in:
Kristóf Tóth
2026-04-12 14:36:07 +02:00
parent 327c2933e7
commit 8f30d28965
2 changed files with 37 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/sandbox.rs
+3 -3
View File
@@ -28,13 +28,13 @@ pub fn build_command(config: &SandboxConfig) -> Result<Command, SandboxError> {
cmd.arg("--bind-try").arg(&path).arg(&path);
}
for path in &config.extra_ro {
add_ro_bind(&mut cmd, path)?;
}
add_rw_bind(&mut cmd, &config.chdir)?;
for path in &config.extra_rw {
add_rw_bind(&mut cmd, path)?;
}
for path in &config.extra_ro {
add_ro_bind(&mut cmd, path)?;
}
add_env_policy(&mut cmd, config);
add_user_env_overrides(&mut cmd, config);