
 

3.17. Restricted Shells

Running a script or portion of a script in restricted mode disables certain commands that would otherwise be available. This is a security measure intended to limit the privileges of the script user and to minimize possible damage from running the script.

Disabled commands in restricted shells

  • Using cd to change the working directory.

  • Changing the values of the $PATH, $SHELL, $BASH_ENV, or $ENV environment variables.

  • Reading or changing $SHELLOPTS, the shell environment options.

  • Output redirection.

  • Invoking commands containing one or more /'s.

  • Invoking exec to substitute a different process for the shell.

  • Various other commands that would enable monkeying with or attempting to subvert the script for an unintended purpose.

  • Getting out of restricted mode within the script.

Example 3-79. Running a script in restricted mode

#!/bin/bash
# Starting the script with "#!/bin/bash -r" runs the entire script in restricted mode.

echo

echo "Changing directory."
cd /usr/local
echo "Now in `pwd`"
echo "Coming back home."
cd
echo "Now in `pwd`"
echo

# Everything up to here runs in normal, unrestricted mode.

set -r
# set --restricted    has same effect.
echo "==> Now in restricted mode. <=="

echo
echo

echo "Attempting directory change in restricted mode."
cd ..
echo "Still in `pwd`"

echo
echo

echo "\$SHELL = $SHELL"
echo "Attempting to change shell in restricted mode."
SHELL="/bin/ash"
echo
echo "\$SHELL= $SHELL"

echo
echo

echo "Attempting to redirect output in restricted mode."
ls -l /usr/bin > bin.files
# Try to list attempted file creation effort.
ls -l bin.files

echo

exit 0
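
As an added example (not part of the original guide), the script below checks that the local bash actually enforces the restrictions listed above, with one ordinary command as a control. It assumes bash is on the PATH and was built with restricted-shell support; the helper names probe, redirect_leaves_file and report are made up for this illustration.

```sh
#!/bin/sh
# Added example: verify the restricted-mode rules on this system's bash.
# Each probe runs in a fresh "bash -r" child inside a scratch directory,
# so nothing in the caller's shell or files is changed.

# probe CMD -> prints "blocked" if the restricted child rejects CMD,
# "allowed" if the command runs successfully.
probe() {
    dir=$(mktemp -d) || return 2
    if (cd "$dir" && bash -r -c "$1") >/dev/null 2>&1; then
        verdict=allowed
    else
        verdict=blocked
    fi
    rm -rf "$dir"
    echo "$verdict"
}

# redirect_leaves_file -> prints "yes" if a restricted child managed to
# create a file through output redirection, "no" otherwise.
redirect_leaves_file() {
    dir=$(mktemp -d) || return 2
    (cd "$dir" && bash -r -c 'echo data > out.txt') >/dev/null 2>&1
    if [ -e "$dir/out.txt" ]; then found=yes; else found=no; fi
    rm -rf "$dir"
    echo "$found"
}

# report -> one line per probe; the last entry is the control and
# should be the only one reported as "allowed".
report() {
    for cmd in 'cd ..' 'PATH=/tmp' 'SHELL=/bin/sh' 'echo data > out.txt' \
               '/bin/echo hi' 'exec echo hi' 'set +r' 'echo hi'; do
        printf '%-22s %s\n' "$cmd" "$(probe "$cmd")"
    done
}

report
```

A probe that comes back "allowed" for anything other than the control line means the bash in use is not applying restricted mode as described in this section.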