91 91
92Use the canonical feature keys from `config.toml`'s `[features]` table. Codex normalizes the resulting feature set to meet these pins and rejects conflicting writes to `config.toml` or profile-scoped feature settings.92Use the canonical feature keys from `config.toml`'s `[features]` table. Codex normalizes the resulting feature set to meet these pins and rejects conflicting writes to `config.toml` or profile-scoped feature settings.
93 93
94### Enforce deny-read requirements
95
96Admins can deny reads for exact paths or glob patterns with
97`[permissions.filesystem]`. Users can't weaken these requirements with local
98configuration.
99
100```toml
101[permissions.filesystem]
102deny_read = [
103 "/Users/alice/.ssh",
104 "./private/**/*.txt",
105]
106```
107
108When deny-read requirements are present, Codex constrains local sandbox mode to
109`read-only` or `workspace-write` so the requirement can be enforced. On native
110Windows, managed `deny_read` applies to direct file tools; shell subprocess
111reads don’t use this sandbox requirement.
112
94### Enforce command rules from requirements113### Enforce command rules from requirements
95 114
96Admins can also enforce restrictive command rules from `requirements.toml`115Admins can also enforce restrictive command rules from `requirements.toml`
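Review bot: The `deny_read` example in the new "Enforce deny-read requirements" section includes the relative glob `./private/**/*.txt`, but the added text never says what a relative pattern is resolved against. Because users can't weaken these requirements locally, state the base directory explicitly or keep the example to absolute paths. It would also help to say whether an exact directory entry such as `/Users/alice/.ssh` denies everything beneath it or only the directory itself. Finally, the closing sentence about native Windows describes an enforcement gap (shell subprocess reads are not covered by managed `deny_read`) but reads like a footnote; consider setting it apart as its own caveat so admins on Windows don't assume the paths are fully protected.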