Configuration contract for persistent shell sessions.
Concrete subclasses encapsulate how a shell process is launched and constrained.
Each policy documents its security guarantees and the operating environments in
which it is appropriate. Use HostExecutionPolicy for trusted, same-host execution;
CodexSandboxExecutionPolicy when the Codex CLI sandbox is available and you want
additional syscall restrictions; and DockerExecutionPolicy for container-level
isolation using Docker.
Launch the persistent shell process.
