Separate approval policies for read vs write operations
What feature would you like to see?
Hi Codex CLI team 👋
Currently, the approval_policy setting applies uniformly to all command executions. This means we can either:
Allow all commands automatically (never),
Prompt before every command (on-request), or
Block/disallow entirely.
However, in real development workflows it would be extremely useful to distinguish read-only operations (e.g. searching, grepping, analyzing files) from write operations (e.g. creating, editing, or deleting files).
Proposal: Introduce separate approval policies for read vs. write:
Read operations → allow automatic execution (no prompt).
Write operations → always require explicit approval.
This would give developers the convenience of seamless analysis and exploration, while still protecting against unintended or unsafe modifications to the workspace.
Example config idea:
sandbox_mode = "workspace-write"
approval_policy.read = "never"
approval_policy.write = "on-request"
This separation would significantly improve developer productivity and safety when using Codex CLI in real projects.
Thanks for considering this enhancement! 🙏
Are you interested in implementing this feature?
No response
Additional information
No response
Yeah, I switched from Claude Code and immediately noticed this obvious major drawback.
A whitelist of commands would be great. I don't need to be asked if I want to allow a cd command, for example, or other completely safe shell commands.
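The read/write split proposed in the issue and the command whitelist suggested in the comment, as an added Python illustration that is not Codex CLI's own code. The config keys `approval_policy.read` / `approval_policy.write`, the read-only command list, the git subcommand split and the classifier are assumptions modelled on the proposal; the minimal config parser only handles the `key = "value"` lines shown above. The point the code adds is that such a classifier has to fail closed: a whitelisted program is only read-only in its plain form, so redirections, pipes, command chaining, `find -delete` and mutating git subcommands all fall back to the write policy.

```python
"""Illustrative per-operation approval policy for an agent's shell commands.

Added example (assumption-laden), not the Codex CLI implementation.
"""
import shlex

# Constructed sample config in the shape proposed in the issue.
SAMPLE_CONFIG = """
sandbox_mode = "workspace-write"
approval_policy.read = "never"
approval_policy.write = "on-request"
"""

# Programs whose *plain* invocation only reads the workspace (assumed whitelist).
READ_ONLY_COMMANDS = {"ls", "cat", "grep", "rg", "find", "head", "tail",
                      "wc", "cd", "pwd", "git"}
# git subcommands that mutate the repository; everything else is treated as read.
GIT_WRITE_SUBCOMMANDS = {"add", "commit", "push", "reset", "checkout", "rebase",
                         "merge", "rm", "mv", "clean", "stash", "branch", "tag"}
# find arguments that act on the filesystem instead of just reporting matches.
FIND_WRITE_ARGS = {"-delete", "-exec", "-execdir", "-ok", "-okdir"}
# Shell syntax that can compose a writer out of read-only programs.
SHELL_METACHARS = (">", "|", ";", "&", "$(", "`", "\n")


def load_config(text: str) -> dict:
    """Parse `key = "value"` lines (dotted keys allowed) into nested dicts.

    Minimal parser (assumption): enough for the config in the issue, nothing more.
    Refuses to run with a missing read or write policy rather than guessing one.
    """
    cfg: dict = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        parts = key.strip().split(".")
        node = cfg
        for part in parts[:-1]:
            node = node.setdefault(part, {})
        node[parts[-1]] = value.strip().strip('"')
    for kind in ("read", "write"):
        if kind not in cfg.get("approval_policy", {}):
            raise ValueError(f"approval_policy.{kind} missing; refusing to guess")
    return cfg


def classify(command: str) -> str:
    """Return 'read' or 'write'. Anything not provably read-only is 'write'."""
    if any(meta in command for meta in SHELL_METACHARS):
        return "write"  # redirection, pipes or chaining: cannot vouch for it
    try:
        argv = shlex.split(command)
    except ValueError:
        return "write"  # unbalanced quotes: do not try to interpret
    if not argv:
        return "write"
    prog = argv[0].rsplit("/", 1)[-1]
    if prog not in READ_ONLY_COMMANDS:
        return "write"
    if prog == "git":
        sub = argv[1] if len(argv) > 1 else ""
        return "write" if sub in GIT_WRITE_SUBCOMMANDS else "read"
    if prog == "find" and any(arg in FIND_WRITE_ARGS for arg in argv[1:]):
        return "write"
    return "read"


def decide(command: str, cfg: dict) -> str:
    """Map a command to 'allow', 'prompt' or 'deny' under the split policy.

    Uses the issue's vocabulary: "never" means never ask (auto-approve),
    "on-request" means prompt; any other value fails closed to deny.
    """
    policy = cfg["approval_policy"][classify(command)]
    if policy == "never":
        return "allow"
    if policy == "on-request":
        return "prompt"
    return "deny"


if __name__ == "__main__":
    config = load_config(SAMPLE_CONFIG)
    for cmd in ["grep -rn TODO src/", "cd src", "git status",
                "git push origin main", "cat notes.txt > out.txt",
                "find . -name '*.log' -delete", "rm -rf build"]:
        print(f"{decide(cmd, config):6}  {cmd}")
```

With the sample config, `grep`, `cd` and `git status` are auto-approved while `git push`, `cat ... > out.txt`, `find -delete` and `rm` still prompt; a config that omits either policy raises instead of silently defaulting.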