bash actually has a "restricted" mode which is sort of like that. In restricted mode, the following are disallowed:
- Changing directories with cd.
- Setting or unsetting the values of SHELL, PATH, HISTFILE, ENV, or BASH_ENV.
- Specifying command names containing /.
- Importing function definitions from the shell environment at startup.
- Parsing the values of BASHOPTS and SHELLOPTS from the shell environment at startup.
... some other things mainly preventing you from escaping or disabling the restricted mode.
Does that work? I've never seen it used. It seems easy to escape.
The docs seem to suggest using alternate approaches.
> Modern systems provide more secure ways to implement a restricted environment, such as jails, zones, or containers.
https://www.gnu.org/software/bash/manual/html_node/The-Restr...
I don't think I've ever seen it used. I think the idea was back in the day when you wanted to let a user have a shell login (because that's the only way you could use a shared computer) but wanted to confine them to a specific directory and prevent them running anything that wasn't in the pre-defined PATH that you set for them.
You could also produce special purpose applications this way, say to provide access to the online library catalog, or a run a gopher client for use in a public terminal lab. Telnetting to a unix account running some sort of restricted shell was how these often worked.
A sibling comment I can't reply to asks if you can do with with unix permissions.
These were really intended for anonymous guest access, or at least often used for this purpose. You couldn't do the same things with the file permissions systems at the time.
Can't you do that with regular Unix permissions?