-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-8.4.0
-
ksh-20120801-260.el8
-
None
-
Important
-
rhel-sst-cs-plumbers
-
ssg_core_services
-
25
-
26
-
1
-
False
-
-
None
-
None
-
Pass
-
Automated
-
If docs needed, set a value
-
-
All
-
None
+++ This bug was initially created as a clone of Bug #1948586 +++
From manual page:
-r Enables the restricted shell. This option cannot be
unset once set.
But one can exit it with:
$ set +r
One can work an a restricted shell with:
+ Create a ~/.profile that sets PATH to, for example, /rbin
+ Add symbolic links to /rbin, e.g.
- ln -sf /bin/ls /rbin
+ Remove any unwanted environment variable or function from
~/.profile with unset.
Above works with bash, on basic tests using .bash_profile:
export PATH=/rbin
unset command_not_found_handle
and user shell set to /bin/rbash
Restricted shells overall are somewhat of a fragile solution,
but if the environment is really very small, it is a somewhat
safe option.