Sharing this here because it’s a recurring topic in the developer community:
OpenAI has introduced reusable permission profiles that can be inherited across tasks. These profiles replace the older coarse sandbox modes with more specific OS-enforced rules for file access, including read, write, and deny rules for paths such as **/*.env.
The same profile can also define network access by domain and control Unix socket access. Admins can set fail-closed allowlists, which means access is blocked unless it is explicitly allowed.
The practical benefit is clearer least-privilege control per task instead of broad sandbox settings.
Since this is an early release there are a few things to consider. Make sure to read the disclaimer in the docs.