Codex's security protection system
Codex ensures code security through a five-layer protection mechanism:
- Network Isolation Sandbox: All tasks are performed in containers with external network access disabled, blocking the possibility of data exfiltration
- least authority principle (LAP): only accesses GitHub repositories explicitly authorized by the user, cannot scan other repositories
- Operational transparency: Provide complete terminal logs and test output records, all modifications are traceable
- Interim environmental destruction: Destroy the sandbox environment as soon as the task is completed, leaving no copy of the code behind
- Code Change Control: All changes are subject to user review before being merged, and do not directly rewrite the master branch
Its security design has been validated at the enterprise level, and in practice the intelligences can neither actively connect to external services nor retain the state of the environment after a task is completed, which is equivalent to using a completely new isolated environment for each task.
This answer comes from the articleChatGPT Codex: Intelligence for Automating Software Engineering TasksThe
May not be reproduced without permission:AI productivity tools " How does Codex secure a user's private code base?
English 
简体中文 
日本語 
Deutsch 
Português do Brasil