Tech Docs Home > Endpoint Privilege Management >

shellrestricted

Version 3.5 and earlier: shellrestricted variable not available.
Version 4.0 and later: shellrestricted variable available.

Data Type

Boolean

Description

Controls whether Endpoint Privilege Management for Unix and Linux shells run in restricted mode. Restricted mode has the following limitations:

The cd command is disabled.
The environment variables SHELL, ENV, and PATH are read-only.
Command names cannot use absolute or relative paths.
The -p option of the built-in command is disabled.
I/O redirections (>, >|, >>, and <>) that create files are disabled.

Syntax

shellrestricted = boolean;

Valid Values

true	Runs Endpoint Privilege Management for Unix and Linux shells in restricted mode.
false	Disables restricted mode. The default is false.

shellrestricted = true;

For more information, see the following:

BeyondTrust is the worldwide leader in intelligent identity and access security, enabling organizations to protect identities, stop threats, and deliver dynamic access. We offer the only platform with both intelligent identity threat detection and a privilege control plane that delivers zero-trust based least privilege to shrink your attack surface and eliminate security blind spots.

©2003-2024 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority. 4/25/2024

Top