]>
Commit | Line | Data |
---|---|---|
95732b49 JA |
1 | 6.10 The Restricted Shell |
2 | ========================= | |
7117c2d2 JA |
3 | |
4 | If Bash is started with the name `rbash', or the `--restricted' or `-r' | |
5 | option is supplied at invocation, the shell becomes restricted. A | |
6 | restricted shell is used to set up an environment more controlled than | |
7 | the standard shell. A restricted shell behaves identically to `bash' | |
8 | with the exception that the following are disallowed or not performed: | |
9 | ||
10 | * Changing directories with the `cd' builtin. | |
11 | ||
12 | * Setting or unsetting the values of the `SHELL', `PATH', `ENV', or | |
13 | `BASH_ENV' variables. | |
14 | ||
15 | * Specifying command names containing slashes. | |
16 | ||
17 | * Specifying a filename containing a slash as an argument to the `.' | |
18 | builtin command. | |
19 | ||
20 | * Specifying a filename containing a slash as an argument to the `-p' | |
21 | option to the `hash' builtin command. | |
22 | ||
23 | * Importing function definitions from the shell environment at | |
24 | startup. | |
25 | ||
26 | * Parsing the value of `SHELLOPTS' from the shell environment at | |
27 | startup. | |
28 | ||
29 | * Redirecting output using the `>', `>|', `<>', `>&', `&>', and `>>' | |
30 | redirection operators. | |
31 | ||
32 | * Using the `exec' builtin to replace the shell with another command. | |
33 | ||
34 | * Adding or deleting builtin commands with the `-f' and `-d' options | |
35 | to the `enable' builtin. | |
36 | ||
37 | * Using the `enable' builtin command to enable disabled shell | |
38 | builtins. | |
39 | ||
40 | * Specifying the `-p' option to the `command' builtin. | |
41 | ||
42 | * Turning off restricted mode with `set +r' or `set +o restricted'. | |
43 | ||
44 | These restrictions are enforced after any startup files are read. | |
45 | ||
46 | When a command that is found to be a shell script is executed (*note | |
47 | Shell Scripts::), `rbash' turns off any restrictions in the shell | |
48 | spawned to execute the script. | |
49 |