CDX-201b · Module 2

File System Access & Networking


Inside a cloud microVM, the file system starts as a clean clone of your repository at the commit specified in the task. Codex has full read-write access within the repository directory but cannot access files outside it. This means tasks can create, modify, and delete files freely within the project scope — but cannot read your home directory, system files, or other repositories.

Network policies in cloud microVMs are more restrictive than local sandbox defaults. Package registry access (npm, PyPI, Maven, etc.) is allowed for dependency installation. Git operations to the task's origin repository are allowed. Other network access — external APIs, databases, third-party services — is restricted by default. This constraint means your cloud tasks need to be self-contained: any external data the task needs should be in the repository or fetchable from allowed endpoints.

# File system access in cloud microVMs

/workspace/                 # Repository root — full read-write
/workspace/.git/            # Git state — managed by Codex
/workspace/node_modules/    # Dependencies — installed at task start
/tmp/                       # Temp files — available during task
/home/                      # Restricted — no access
/etc/                       # Restricted — no access

# Network access
registry.npmjs.org          # Allowed — npm packages
pypi.org                    # Allowed — Python packages
github.com                  # Allowed — git operations
*.internal.company.com      # Blocked — no custom endpoints by default

  1. Identify external dependencies: List every network call your build and test process makes. For each one, determine if it is available in the cloud microVM or needs a mock.
  2. Create mock fixtures: For blocked endpoints, create fixture files or mock servers that live in the repository. These ensure cloud tasks can run the full test suite.
  3. Test locally with restrictions: Run your tests with network disabled (using a tool like unshare or a firewall rule) to simulate cloud network restrictions. Fix failures before submitting cloud tasks.
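
Steps 1 and 3 can also be approximated inside a Python test process. The block below is an added example, not part of the course material or of Codex: it patches name resolution so that any host outside the allowlist from the listing above fails immediately and is recorded as needing a mock. The names `cloud_network_policy`, `is_allowed` and `BlockedByPolicy`, the loopback exception for in-repo mock servers, and the host `api.internal.company.com` are assumptions made for illustration.

```python
import fnmatch
import socket
from contextlib import contextmanager

# Hosts copied from the "Network access" listing; a real policy may allow more.
ALLOWED_HOSTS = ("registry.npmjs.org", "pypi.org", "github.com")
# Assumption: mock servers kept in the repository listen on loopback.
LOOPBACK = ("localhost", "127.0.0.1", "::1")


class BlockedByPolicy(OSError):
    """Raised in place of a lookup that a cloud task would not be allowed."""


def is_allowed(host, allowed=ALLOWED_HOSTS + LOOPBACK):
    """Match a host name against exact names or glob patterns, ignoring case."""
    host = host.rstrip(".").lower()
    return any(fnmatch.fnmatchcase(host, pattern) for pattern in allowed)


@contextmanager
def cloud_network_policy(allowed=ALLOWED_HOSTS + LOOPBACK):
    """Fail fast on non-allowlisted lookups and yield the list of blocked hosts."""
    real = socket.getaddrinfo
    blocked = []

    def guarded(host, *args, **kwargs):
        name = host.decode() if isinstance(host, bytes) else host
        # host=None means "this machine" (bind/loopback), so let it through.
        if name is not None and not is_allowed(name, allowed):
            blocked.append(name)
            raise BlockedByPolicy(f"{name!r} is blocked in cloud tasks; use a fixture or mock")
        return real(host, *args, **kwargs)

    socket.getaddrinfo = guarded
    try:
        yield blocked
    finally:
        socket.getaddrinfo = real  # always restore the real resolver


if __name__ == "__main__":
    with cloud_network_policy() as blocked:
        try:
            # Constructed host matching the blocked pattern in the listing above.
            socket.create_connection(("api.internal.company.com", 443), timeout=1)
        except BlockedByPolicy as exc:
            print("blocked:", exc)
    print("hosts needing a mock:", blocked)
```

This guard only sees lookups made through Python's `socket.getaddrinfo`; subprocesses and raw `connect()` calls to IP literals are not covered, so the `unshare` or firewall run from step 3 remains the stricter check.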