<div dir="ltr"><div>Hi Richard, <br><br></div>guestfish shell has an ability to execute commands on the host such as<br><pre><code>!mkdir local<br></code><code>tgz-out /remote local/remote-data.tar.gz<br><br></code></pre><pre><code><span style="font-family:arial,helvetica,sans-serif">What is the best way to  restrict access to host from guestfish ?</span><br><br></code></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><span style="font-family:arial,helvetica,sans-serif">For instance,</span> <br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><span style="font-family:arial,helvetica,sans-serif">- Allow readonly access to host.. i.e., !ls is allowed<br>       but dont allow !rm or !mkdir </span><br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><span style="font-family:arial,helvetica,sans-serif">- commands such as tgz-out, or copy-out should be able to access just  /tmp,  but nothing else in host filesystem</span><br><br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><span style="font-family:arial,helvetica,sans-serif">Appreciate your guidance on this,</span><br><br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><span style="font-family:arial,helvetica,sans-serif">Thanks</span><br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><span style="font-family:arial,helvetica,sans-serif">Raghu</span><br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><br></code></span></pre><pre><span style="font-family:arial,helvetica,sans-serif"><code><br></code></span></pre><pre><code><br></code></pre><br></div>