openai · viyatb-oai · Mar 27, 2026 · Mar 27, 2026 · Mar 27, 2026 · Mar 27, 2026
diff --git a/codex-rs/core/tests/suite/approvals.rs b/codex-rs/core/tests/suite/approvals.rs
@@ -179,7 +179,7 @@ impl ActionKind {
                 Ok((event, Some(command)))
             }
             ActionKind::RunCommand { command } => {
-                let event = shell_event(call_id, command, 1_000, sandbox_permissions)?;
+                let event = shell_event(call_id, command, 2_000, sandbox_permissions)?;
                 Ok((event, Some(command.to_string())))
             }
             ActionKind::RunUnifiedExecCommand {

diff --git a/codex-rs/sandboxing/src/bwrap.rs b/codex-rs/sandboxing/src/bwrap.rs
@@ -20,7 +20,7 @@ fn system_bwrap_warning_for_lookup(system_bwrap_path: Option<PathBuf>) -> Option
 pub fn find_system_bwrap_in_path() -> Option<PathBuf> {
     let search_path = std::env::var_os("PATH")?;
     let cwd = std::env::current_dir().ok()?;
-    find_system_bwrap_in_search_paths(std::iter::once(PathBuf::from(search_path)), &cwd)
+    find_system_bwrap_in_search_paths(std::env::split_paths(&search_path), &cwd)
 }
 
 fn find_system_bwrap_in_search_paths(

diff --git a/codex-rs/sandboxing/src/bwrap_tests.rs b/codex-rs/sandboxing/src/bwrap_tests.rs
@@ -33,7 +33,7 @@ exit 1
 }
 
 #[test]
-fn finds_first_executable_bwrap_in_search_paths() {
+fn finds_first_executable_bwrap_in_joined_search_path() {
     let temp_dir = tempdir().expect("temp dir");
     let cwd = temp_dir.path().join("cwd");
     let first_dir = temp_dir.path().join("first");
@@ -43,25 +43,27 @@ fn finds_first_executable_bwrap_in_search_paths() {
     std::fs::create_dir_all(&second_dir).expect("create second dir");
     std::fs::write(first_dir.join("bwrap"), "not executable").expect("write non-executable bwrap");
     let expected_bwrap = write_named_fake_bwrap_in(&second_dir);
+    let search_path = std::env::join_paths([first_dir, second_dir]).expect("join search path");
 
     assert_eq!(
-        find_system_bwrap_in_search_paths(vec![first_dir, second_dir], &cwd),
+        find_system_bwrap_in_search_paths(std::env::split_paths(&search_path), &cwd),
         Some(expected_bwrap)
     );
 }
 
 #[test]
-fn skips_workspace_local_bwrap_in_search_paths() {
+fn skips_workspace_local_bwrap_in_joined_search_path() {
     let temp_dir = tempdir().expect("temp dir");
     let cwd = temp_dir.path().join("cwd");
     let trusted_dir = temp_dir.path().join("trusted");
     std::fs::create_dir_all(&cwd).expect("create cwd");
     std::fs::create_dir_all(&trusted_dir).expect("create trusted dir");
     let _workspace_bwrap = write_named_fake_bwrap_in(&cwd);
     let expected_bwrap = write_named_fake_bwrap_in(&trusted_dir);
+    let search_path = std::env::join_paths([cwd.clone(), trusted_dir]).expect("join search path");
 
     assert_eq!(
-        find_system_bwrap_in_search_paths(vec![cwd.clone(), trusted_dir], &cwd),
+        find_system_bwrap_in_search_paths(std::env::split_paths(&search_path), &cwd),
         Some(expected_bwrap)
     );
 }