Three bypass shapes for HTTPS_PROXY-only agent egress controls. The kernel does not enforce any of them. Each is reachable in a default Linux process unless additional kernel-level controls are applied. This post is the listicle companion to Politeness vs Enforcement . The framing post is the long argument; this one is the short list of specific bypasses to know about and the kernel-level rule that would close each. 1. Subprocess that clears the environment An agent process spawns a subprocess. If the spawn does not pass HTTPS_PROXY through, the subprocess has a different environment than its parent. Cooperative HTTP libraries in the subprocess never see the variable, so they never route through the proxy. The bypass takes two lines: import subprocess subprocess . run ([ " curl " , " https://example.com/ " ], env = {}) Enter fullscreen mode Exit fullscreen mode The empty env={} clears every variable, including the proxy hint.…