Hey,
I actually do have a question which seems rather easy for those you know more about this topic, since I am pretty new to bashscripting and don't know where it's limits are I have to ask you guys
Imagine a system where all possible code execution methods (binary executables or interpreted languages like perl and python) are not possible for the attacker. The only thing he can do is to write and execute shell scripts. But here, he is completly free to do what he wants, but it has to be within a shellscript and not with root rights.
So the question is: How much danger would there be in such a situation? Is it possible to do real harm only using a shellscript? If yes, what kind of stuff can one do? The only thing that came to my mind was deleting files, but as I assume the attacker has only user privilges in this scenario he wouldn't be able to delete the important files.