Restricted Shells: Sometimes Persuasive but Usually Fallacious

The article claims that things like Bash&#x27;s restricted mode are ineffective. It gives the example:<p><pre><code> parent$ bash --restricted child$ cd .. bash: cd: restricted child$ pwd &#x2F;home&#x2F;rjones child$ bash grandchild$ cd .. grandchild$ pwd &#x2F;home </code></pre> where the escape is that &#x27;child&#x27; was able to create the non-restricted shell &#x27;grandchild&#x27;. If you think that properly configuring a restricted bash shell is a simple as executing `&#x2F;bin&#x2F;bash --restricted`, then you need to read the manual. The restricted shell can execute arbitrary programs <i>in $PATH</i>; to deploy a restricted Bash shell, you&#x27;ll need to construct a PATH with whitelisted programs that it is safe to execute. The restricted Bash cannot adjust PATH, and it cannot execute programs outside of PATH.<p>Something like:<p><pre><code> $ PATH=&#x2F;etc&#x2F;restricted-bin bash --restricted </code></pre> where &#x2F;etc&#x2F;restricted-bin contains symlinks to or stub-wrappers for programs that the restricted shell should be able to use.

Restricted shell escapes are a common topic in CTFs and they can be a very interesting test of one&#x27;s knowledge of shell and Unix details. It&#x27;s not clear to me whether people who commonly construct these challenges think that a restricted shell can actually be safe or not.<p>(It&#x27;s clear that to <i>attempt</i> to have a safe restricted shell, you have to, among other things, whitelist rather than blacklist executable programs, studying each one individually to learn whether it allows arbitrary code execution or not.)

From the article:<p>&gt; Another form of system hardening you can use is containers.<p>Let&#x27;s not forget the 8k+ vulns on the top ten docker images, and the general security implications of containers.<p>Like, let me run my data export from inside the publicly downloaded container that connects to the database and hasn&#x27;t been locked down, because who actually audits and hardens their containers or manually configures their docker runtime?