fbpx
Wikipedia

Restricted shell

November 29, 2023

The restricted shell is a Unix shell that restricts some of the capabilities available to an interactive user session, or to a shell script, running within it. It is intended to provide an additional layer of security, but is insufficient to allow execution of entirely untrusted software. A restricted mode operation is found in the original Bourne shell[1] and its later counterpart Bash,[2] and in the KornShell.[3] In some cases a restricted shell is used in conjunction with a chroot jail, in a further attempt to limit access to the system as a whole.

Invocation edit

The restricted mode of the Bourne shell sh, and its POSIX workalikes, is used when the interpreter is invoked in one of the following ways:

  • sh -r    note that this conflicts with the "read" option in some sh variants
  • rsh    note that this may conflict with the remote shell command, which is also called rsh on some systems

The restricted mode of Bash is used when Bash is invoked in one of the following ways:

  • rbash
  • bash -r
  • bash --restricted

Similarly KornShell's restricted mode is produced by invoking it thus:

  • rksh
  • ksh -r

Setting up rbash edit

For some systems (e.g., CentOS), the invocation through rbash is not enabled by default, and the user obtains a command not found error if invoked directly, or a login failure if the /etc/passwd file indicates /bin/rbash as the user's shell.

It suffices to create a link named rbash pointing directly to bash. Though this invokes Bash directly, without the -r or --restricted options, Bash does recognize that it was invoked through rbash and it does come up as a restricted shell.

This can be accomplished with the following simple commands (executed as root, either logged in as user root, or using sudo): 

root@host:~# cd /bin root@host:/bin# ln bash rbash

Limited operations edit

The following operations are not permitted in a restricted shell:

  • changing directory
  • specifying absolute pathnames or names containing a slash
  • setting the PATH or SHELL variable
  • redirection of output

Bash adds further restrictions, including:[2]

  • limitations on function definitions
  • limitations on the use of slash-ed filenames in Bash builtins

Restrictions in the restricted KornShell are much the same as those in the restricted Bourne shell.[4]

Weaknesses of a restricted shell edit

The restricted shell is not secure. A user can break out of the restricted environment by running a program that features a shell function. The following is an example of the shell function in vi being used to escape from the restricted shell: 

user@host:~$ vi 
:set shell=/bin/sh :shell

Or by simply starting a new unrestricted shell, if it is in the PATH, as demonstrated here: 

user@host:~$ rbash user@host:~$ cd / rbash: cd: restricted user@host:~$ bash user@host:~$ cd / user@host:/$

List of programs edit

Beyond the restricted modes of usual shells, specialized restricted shell programs include:

  • rssh – used with OpenSSH, permitting only certain file copying programs, namely scp, sftp, rsync, cvs, and rdist
  • smrsh, which limits the commands sendmail can invoke[5]

See also edit

References edit

  1. ^ . Archived from the original on 2014-12-21. Retrieved 2010-10-04.
  2. ^ a b GNU Bash manual
  3. ^ ksh manual, Solaris (SunOS 5.10) manual page, Oracle Inc.
  4. ^ ksh(1) manual page, IBM AIX documentation set
  5. ^ Costales, Bryan; Assmann, Claus; Jansen, George; Shapiro, Gregory Neil (2007). Sendmail. Oreilly Series (4 ed.). O'Reilly Media, Inc. p. 379. ISBN 9780596510299. Retrieved 2012-08-02. As an aid in preventing [...] attacks, V8.1 sendmail first offered the smrsh (sendmail restricted shell) program.

November 29, 2023
restricted, shell, this, article, written, like, manual, guide, please, help, rewrite, this, article, remove, advice, instruction, october, 2017, restricted, shell, unix, shell, that, restricts, some, capabilities, available, interactive, user, session, shell,. This article is written like a manual or guide Please help rewrite this article and remove advice or instruction October 2017 The restricted shell is a Unix shell that restricts some of the capabilities available to an interactive user session or to a shell script running within it It is intended to provide an additional layer of security but is insufficient to allow execution of entirely untrusted software A restricted mode operation is found in the original Bourne shell 1 and its later counterpart Bash 2 and in the KornShell 3 In some cases a restricted shell is used in conjunction with a chroot jail in a further attempt to limit access to the system as a whole Contents 1 Invocation 1 1 Setting up rbash 2 Limited operations 3 Weaknesses of a restricted shell 4 List of programs 5 See also 6 ReferencesInvocation editThe restricted mode of the Bourne shell sh and its POSIX workalikes is used when the interpreter is invoked in one of the following ways sh r note that this conflicts with the read option in some sh variants rsh note that this may conflict with the remote shell command which is also called rsh on some systemsThe restricted mode of Bash is used when Bash is invoked in one of the following ways rbash bash r bash restrictedSimilarly KornShell s restricted mode is produced by invoking it thus rksh ksh rSetting up rbash edit For some systems e g CentOS the invocation through rbash is not enabled by default and the user obtains a command not found error if invoked directly or a login failure if the etc passwd file indicates bin rbash as the user s shell It suffices to create a link named rbash pointing directly to bash Though this invokes Bash directly without the r or restricted options Bash does recognize that it was invoked through rbash and it does come up as a restricted shell This can be accomplished with the following simple commands executed as root either logged in as user root or using sudo root host cd bin root host bin ln bash rbashLimited operations editThe following operations are not permitted in a restricted shell changing directory specifying absolute pathnames or names containing a slash setting the PATH or SHELL variable redirection of outputBash adds further restrictions including 2 limitations on function definitions limitations on the use of slash ed filenames in Bash builtinsRestrictions in the restricted KornShell are much the same as those in the restricted Bourne shell 4 Weaknesses of a restricted shell editThe restricted shell is not secure A user can break out of the restricted environment by running a program that features a shell function The following is an example of the shell function in vi being used to escape from the restricted shell user host vi set shell bin sh shell Or by simply starting a new unrestricted shell if it is in the PATH as demonstrated here user host rbash user host cd rbash cd restricted user host bash user host cd user host List of programs editBeyond the restricted modes of usual shells specialized restricted shell programs include rssh used with OpenSSH permitting only certain file copying programs namely scp sftp rsync cvs and rdist smrsh which limits the commands a href Sendmail html title Sendmail sendmail a can invoke 5 See also editRemote ShellReferences edit POSIX sh specification Archived from the original on 2014 12 21 Retrieved 2010 10 04 a b GNU Bash manual ksh manual Solaris SunOS 5 10 manual page Oracle Inc ksh 1 manual page IBM AIX documentation set Costales Bryan Assmann Claus Jansen George Shapiro Gregory Neil 2007 Sendmail Oreilly Series 4 ed O Reilly Media Inc p 379 ISBN 9780596510299 Retrieved 2012 08 02 As an aid in preventing attacks V8 1 sendmail first offered the smrsh sendmail restricted shell program Retrieved from https en wikipedia org w index php title Restricted shell amp oldid 1172771743, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.