Sandbox mode limits which files the Codex CLI can read or write while executing commands, reducing the chance of accidental edits and unintended data exposure.
When running a task through codex exec, tool calls and shell commands execute under a sandbox policy selected with the -s option. Common modes include read-only (no filesystem writes), workspace-write (writes allowed within the current workspace), and danger-full-access (broad access beyond the workspace); the default for codex exec is read-only.
Keep the workspace directory narrow and predictable before enabling write access, since workspace-write can modify any file under that root. Reserve danger-full-access for short, deliberate operations and avoid running it from directories that contain secrets (for example /home/user/.ssh) or critical system paths (for example /etc), because it can overwrite configuration or leak credentials. You can also persist a default sandbox mode in ~/.codex/config.toml via sandbox_mode.
Steps to set Codex sandbox mode:
- Change to the directory that should be treated as the Codex workspace.
$ cd ~/work/project
- Confirm the workspace boundary by printing the current directory path.
$ pwd
/home/user/work/project
- List the top-level files to confirm the correct workspace is selected.
$ ls -1
README.md
src
tests
- Run Codex in read-only mode for a single command.
$ codex exec -s read-only "Return OK."
OK
The read-only sandbox prevents creating, deleting, or modifying files.
- Attempt a workspace write in read-only mode to confirm changes are blocked.
$ codex exec -s read-only "Create a file named codex-sandbox-test.txt containing OK."
I can't write files in this environment because the sandbox is read-only. If you want to create it yourself, run:
printf "OK" > /home/user/work/project/codex-sandbox-test.txt
- Verify the test file was not created in the workspace.
$ ls -l codex-sandbox-test.txt
ls: cannot access 'codex-sandbox-test.txt': No such file or directory
- Run Codex in workspace-write mode when edits are required.
$ codex exec -s workspace-write "Return OK."
OK
The workspace-write sandbox allows writes under the current workspace directory.
- Create a test file inside the workspace using workspace-write mode.
$ codex exec -s workspace-write "Create a file named codex-sandbox-test.txt containing OK."
Created `codex-sandbox-test.txt` with `OK` in /home/user/work/project.
- Verify the test file exists in the workspace.
$ ls -l codex-sandbox-test.txt
-rw-r--r-- 1 user user 2 Jan 19 11:39 codex-sandbox-test.txt
- Verify the test file content matches the request.
$ cat codex-sandbox-test.txt
OK
- Remove the test file after verification.
$ rm -f codex-sandbox-test.txt
- Run Codex in danger-full-access mode only when access outside the workspace is required.
$ codex exec -s danger-full-access "Return OK."
OK
The danger-full-access sandbox can read and write outside the workspace, including sensitive paths like /etc and /home.
- Prefer returning to read-only mode after completing the privileged task.
$ codex exec -s read-only "Return OK."
OK
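The advice above (keep the workspace narrow, and do not start a writable sandbox from a directory that holds secrets or system configuration) can be checked before Codex is launched. The following is an added example, not part of the original page or of Codex: the function names check_workspace and codex_guarded and both deny lists are assumptions; only codex exec -s and the three mode names come from the page.

```bash
#!/usr/bin/env bash
# Added example: pre-flight guard for Codex sandbox modes (not part of Codex itself).
# Function names and both deny lists below are illustrative assumptions.

SYSTEM_ROOTS="/etc /usr /boot"              # critical system trees
SECRET_MARKERS=".ssh .aws .gnupg .env"      # entries that signal stored credentials

# check_workspace MODE DIR
# Returns 0 if DIR is acceptable as a workspace for MODE, 1 if refused,
# 2 if MODE is unknown or DIR does not exist.
check_workspace() {
    local mode=$1 dir home root marker
    dir=$(cd -- "$2" 2>/dev/null && pwd -P) || { echo "no such directory: $2" >&2; return 2; }
    case $mode in
        read-only) return 0 ;;              # nothing can be written
        workspace-write|danger-full-access) ;;
        *) echo "unknown sandbox mode: $mode" >&2; return 2 ;;
    esac
    home=$(cd -- "${HOME:-/}" 2>/dev/null && pwd -P) || home=""
    # A writable sandbox rooted at / or $HOME covers far too much.
    if [ "$dir" = "/" ] || [ "$dir" = "$home" ]; then
        echo "refusing $mode: $dir is too broad a workspace" >&2; return 1
    fi
    for root in $SYSTEM_ROOTS; do
        case $dir/ in "$root"/*)
            echo "refusing $mode: $dir is inside $root" >&2; return 1 ;;
        esac
    done
    for marker in $SECRET_MARKERS; do
        # Refuse when the workspace sits inside, or directly holds, a secrets entry.
        case $dir/ in */"$marker"/*)
            echo "refusing $mode: $dir is inside $marker" >&2; return 1 ;;
        esac
        if [ -e "$dir/$marker" ]; then
            echo "refusing $mode: $dir contains $marker" >&2; return 1
        fi
    done
    return 0
}

# codex_guarded MODE PROMPT: run codex exec only after the check passes.
codex_guarded() {
    check_workspace "$1" "$PWD" || return
    codex exec -s "$1" "$2"
}
```

Source the file in a shell profile and call codex_guarded workspace-write "..." from the project directory; the marker check only inspects the top level of the workspace, so secrets nested deeper still need a separate review.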
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
