Re: Security issue in Zsh restricted mode (zsh -r) – escape via history built‑ins

[Jun T <takimoto-j@xxxxxxxxxxxxxxxxx>]

> 2026/04/06 3:24, Oliver Kiddle <opk@xxxxxxx> wrote:
> 
> It does nothing for invoking zsh as rzsh. In your (or anyone else's)
> opinion, should that code be retained and also replaced with an error.

I think rzsh should behave just like 'zsh -r', i.e., error exit.

> There's also [[ -o restricted ]]. We could patch optison() in cond.c to
> silently return 1 or leave it also printing a "no such option" error and
> aborting.

This is more subtle, but aborting is overdone, and I feel it's OK to
treat [[ -o r/restricted ]] just like other non_existent_options; i.e.,
return 3 with warning, or silently return 1 if posix_builtins is set.