
[Bug]: Sandbox egress proxy checks resolved binary path, not symlink — python3 silently blocked #770

@nv-ddave

Description


When /usr/bin/python3 is added to a network policy's binaries list, Python HTTP requests are still blocked with 403 Forbidden. The proxy resolves symlinks before checking the allowlist, and /usr/bin/python3 is a symlink to /usr/bin/python3.11.

Steps to Reproduce

  1. Add to sandbox policy:
    binaries:
      - { path: /usr/bin/python3 }
  2. Inside sandbox: python3 -c "import urllib.request; urllib.request.urlopen('https://api.github.com')" → 403 Forbidden
  3. Add the resolved path:
    binaries:
      - { path: /usr/bin/python3 }
      - { path: /usr/bin/python3.11 }
  4. Same request → 200 OK

Expected Behavior

Either:

  • The proxy should resolve symlinks when checking the policy (so /usr/bin/python3 works)
  • Or the documentation should clearly state that resolved binary paths must be used

Workaround

Add both the symlink AND the resolved binary path to every policy that needs Python access.
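The mismatch above comes from comparing a canonicalised observed path against an uncanonicalised policy entry. The following is an added illustration, not the project's proxy code: a hypothetical is_binary_allowed() that resolves both sides before comparing, so a policy entry of /usr/bin/python3 matches a process whose executable resolves to /usr/bin/python3.11. It assumes the proxy sees the already-resolved executable path (as /proc/<pid>/exe would report it) and builds a constructed symlink in a temporary directory to demonstrate the naive check failing and the canonical check passing.

```python
import tempfile
from pathlib import Path


def is_binary_allowed(policy_paths, observed_exe):
    """Return True if observed_exe matches any policy entry.

    observed_exe is the executable path as the proxy sees it (already
    symlink-resolved, e.g. from /proc/<pid>/exe).  Policy entries are
    resolved the same way so that a symlink such as /usr/bin/python3
    matches its target /usr/bin/python3.11.  Path.resolve() is
    non-strict, so a policy entry that does not exist on disk simply
    normalises to an absolute path and fails to match.
    """
    observed = Path(observed_exe).resolve()
    return any(Path(entry).resolve() == observed for entry in policy_paths)


def demo():
    """Constructed scenario: a fake python3.11 binary plus a python3 symlink.

    Returns (naive_result, canonical_result) so the difference is explicit.
    """
    with tempfile.TemporaryDirectory() as d:
        real = Path(d) / "python3.11"          # stand-in for /usr/bin/python3.11
        real.write_text("#!/bin/sh\n")
        link = Path(d) / "python3"             # stand-in for /usr/bin/python3
        link.symlink_to(real)

        policy = [str(link)]                   # what the user put in the policy
        observed = str(real.resolve())         # what the proxy observes for the process

        naive = observed in policy             # string compare: symlink never matches
        canonical = is_binary_allowed(policy, observed)
        return naive, canonical


if __name__ == "__main__":
    naive, canonical = demo()
    print(f"naive string match: {naive}, canonicalised match: {canonical}")
```

Running it prints naive string match: False, canonicalised match: True, which is exactly the 403-versus-200 difference reported above.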
