A restricted shell is used to set up an environment more controlled than the standard shell. Bash can be started in restricted mode: if bash is started with the name rbash, or the --restricted or -r option is supplied at invocation, the shell becomes restricted.

The following commands will open a bash shell in restricted mode.

$ bash --restricted

OR

$ rbash

OR

$ bash -r

Characteristics of a restricted mode bash shell

A restricted shell behaves identically to bash, except that the following are disallowed or not performed:

  • Changing directories with the cd built-in command.
  • Setting or unsetting the values of environment variables such as SHELL, PATH and ENV.
  • Specifying command names containing slashes.
  • Specifying a filename containing a slash as an argument to the . (dot) built-in command.
  • Specifying a filename containing a slash as an argument to the -p option to the hash built-in command.
  • Importing function definitions from the shell environment at startup.
  • Parsing the value of SHELLOPTS from the shell environment at startup.
  • Redirecting output using the ‘>’, ‘>|’, ‘<>’, ‘>&’, ‘&>’, and ‘>>’ redirection operators.
  • Using the exec built-in to replace the shell with another command.
  • Adding or deleting built-in commands with the -f and -d options to the enable built-in.
  • Using the enable built-in command to enable disabled shell built-ins.
  • Specifying the -p option to the command built-in.
  • Turning off restricted mode with ‘set +r’ or ‘set +o restricted’.

These restrictions are enforced after any startup files are read. When a command that is found to be a shell script is executed, rbash turns off any restrictions in the shell spawned to execute the script.
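The following script is an added example, not part of the original post: it probes a restricted bash for several of the restrictions listed above and for the script behaviour described in the last paragraph. The probe commands, the marker string RBASH_PROBE_OK and the helper name rbash_demo_helper are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: check which operations `bash -r` refuses.
# Probe commands, marker and helper name are constructed for this demo.

# Run one command line under restricted bash. The marker is echoed only
# if the probed command succeeded, so its absence means "blocked".
probe() (
    out=$(bash -r -c "$1 && echo RBASH_PROBE_OK" 2>/dev/null </dev/null) || true
    case $out in
        *RBASH_PROBE_OK*) echo allowed ;;
        *)                echo blocked ;;
    esac
)

# Caveat from the last paragraph: a shell script started from the
# restricted shell runs with the restrictions turned off.
# The helper has no #! line, so bash itself spawns the shell that runs it.
script_probe() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    printf 'cd / && echo RBASH_PROBE_OK\n' > "$dir/rbash_demo_helper"
    chmod +x "$dir/rbash_demo_helper"
    # PATH is set before the shell starts; inside rbash it is read-only.
    out=$(PATH="$dir:$PATH" bash -r -c 'rbash_demo_helper' 2>/dev/null) || true
    case $out in
        *RBASH_PROBE_OK*) echo allowed ;;
        *)                echo blocked ;;
    esac
)

# Restricted operations from the list, plus one control (input redirection
# with '<' is not in the list and stays permitted).
for cmd in 'cd /' 'PATH=/nonexistent' '/bin/true' \
           'echo x > /dev/null' 'set +r' ': < /dev/null'; do
    printf '%-24s %s\n' "$cmd" "$(probe "$cmd")"
done
printf '%-24s %s\n' 'cd / inside a script' "$(script_probe)"
```

Because a script reachable through PATH runs without the restrictions, the directories on a restricted account's PATH should hold only commands that have been reviewed for this.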
