patch 8.2.4282: restricted mode requires the -Z command line option

Problem:    Restricted mode requires the -Z command line option.
Solution:   Use restricted mode when $SHELL ends in "nologin" or "false".
            (closes #9681)
This commit is contained in:
matveyt
2022-02-01 17:26:12 +00:00
committed by Bram Moolenaar
parent 9b4a80a665
commit adbb1bf21d
4 changed files with 23 additions and 0 deletions

View File

@ -256,6 +256,8 @@ a slash. Thus "-R" means recovery and "-/R" readonly.
Interfaces, such as Python, Ruby and Lua, are also disabled,
since they could be used to execute shell commands. Perl uses
the Safe module.
For Unix restricted mode is used when the last part of $SHELL
is "nologin" or "false".
Note that the user may still find a loophole to execute a
shell command, it has only been made difficult.