Merge branch 'main' into openhands/add-gpt-5-3-codex-v2

Author: juanmichelini

openhands-tools/openhands/tools/browser_use/impl.py

@@ -247,10 +247,24 @@ def init_logic():
             if inject_scripts:
                 self._server.set_inject_scripts(inject_scripts)
 
+            # Chromium refuses to run as root with sandboxing enabled.
+            # Disable the sandbox when running as root so CHROME_DOCKER_ARGS
+            # (--no-sandbox, --disable-setuid-sandbox, etc.) are applied.
+            # SECURITY: Running Chrome as root without a sandbox is risky
+            # - a compromised browser has full root access. Use only in
+            # controlled environments.
+            running_as_root = os.getuid() == 0
+            if running_as_root:
+                logger.warning(
+                    "Running as root - disabling Chromium sandbox "
+                    "(required for root). This reduces security isolation."
+                )
+
             self._config = {
                 "headless": headless,
                 "allowed_domains": allowed_domains or [],
                 "executable_path": executable_path,
+                "chromium_sandbox": not running_as_root,
                 **config,
             }
 

tests/tools/browser_use/test_browser_initialization.py

@@ -89,6 +89,7 @@ def test_initialization_config_passed_to_server(self):
                 "openhands.tools.browser_use.impl.CustomBrowserUseServer",
                 return_value=mock_server,
             ),
+            patch("os.getuid", return_value=1000),  # Non-root user
         ):
             executor = BrowserToolExecutor(
                 headless=False,
@@ -101,6 +102,7 @@ def test_initialization_config_passed_to_server(self):
                 "headless": False,
                 "allowed_domains": ["example.com"],
                 "executable_path": "/usr/bin/chromium",
+                "chromium_sandbox": True,  # Enabled for non-root
                 "custom_param": "test",
             }