|
The restricted shell is a Unix shell that restricts some of the capabilities available to an interactive user session, or to a shell script, running within it. It is intended to provide an additional layer of security, but is insufficient to allow execution of entirely untrusted software. A restricted mode operation is found in the original Bourne shell〔(POSIX sh specification )〕 and its later counterpart bash,〔(GNU Bash manual )〕 and in the Korn shell.〔(ksh manual ), Solaris (SunOS 5.10) manual page, Oracle Inc.〕 In some cases a restricted shell is used in conjunction with a chroot jail, in a further attempt to limit access to the system as a whole. ==Invocation== The restricted mode of the Bourne shell sh, and its POSIX workalikes, is used when the interpreter is invoked in one of the following ways: * sh -r ''note that this conflicts with the "read" option in some sh variants'' * rsh ''note that this may conflict with the remote shell command, which is also called rsh on some systems'' The restricted mode of bash is used when bash is invoked in one of the following ways: * rbash * bash -r * bash --restricted Similarly the Korn shell's restricted mode is produced by invoking it thus: * rksh * ksh -r 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Restricted shell」の詳細全文を読む スポンサード リンク
|