Tuesday, 17 July 2012

How to restrict a user using the Rsh shell on AIX?

This article gives the step-by-step procedure for restricting a user with the Rsh shell on AIX. The effect of this restriction is to prevent the user from running any command that is not in a directory contained in the PATH variable. The steps are as follows:
1. Add /usr/bin/Rsh to the list of shells
vi /etc/security/login.cfg
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh,/usr/bin/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin/ksh,/usr/bin/tsh,/usr/sbin/sliplogin,/bin/ftponly,/usr/sbin/uucp/uucico,/share/bin/bash,/usr/sbin/snappd,/usr/bin/Rsh
All valid login shells are listed in the usw stanza of the login.cfg file shown above.
2. Assign the restricted shell to the user
chuser shell=/usr/bin/Rsh abinash
User abinash now cannot: change directory, change the PATH variable, use command names containing /, or redirect output (>, >>).
3. Make sure the PATH variable does not contain /usr/bin or /bin
#vi /home/abinash/.profile
#PATH=/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:.
PATH=/usr/rbin
4. Create the /usr/rbin directory and copy into it, from /usr/bin or /bin, the commands the user is allowed to run

$ ls -l /usr/rbin
-r-xr-xr-x 1 root system 10842 June 26 00:21 cat
-r-xr-xr-x 1 root system 28594 June 26 00:18 ls
-r-xr-xr-x 1 root system 298886 June 26 00:24 vi
-r-xr-xr-x 1 root system 298886 June 26 00:24 ssh
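
A check for steps 3 and 4, added here as an example and not part of the original article: it reads the active PATH line from the user's .profile and flags the entries this procedure forbids, plus any command directory or file that group or others can write to. The function name audit_rsh_profile is hypothetical, and the rejection of non-absolute entries is an extra check assumed for this example.

```sh
#!/bin/sh
# Added example (not from the original article). audit_rsh_profile is a
# hypothetical helper name. Usage: audit_rsh_profile /home/abinash/.profile
# Prints one FAIL line per finding; exit status 0 means no findings.
audit_rsh_profile() (
    profile=$1
    findings=0
    fail() { echo "FAIL: $1"; findings=1; }

    # Last uncommented PATH assignment; assumes a plain PATH=... line.
    path_value=$(sed -n -e 's/^[[:space:]]*export[[:space:]][[:space:]]*PATH=//p' \
                        -e 's/^[[:space:]]*PATH=//p' "$profile" | tail -n 1)
    [ -n "$path_value" ] || fail "no PATH assignment in $profile"

    IFS=:      # split PATH on colons (subshell body, so this does not leak)
    set -f     # no globbing while splitting
    for dir in $path_value; do
        case $dir in
            /usr/bin|/bin)
                fail "PATH contains $dir (step 3)"; continue ;;
            /*) ;;
            *)  # ".", empty or unexpanded $HOME entries (extra check, assumption)
                fail "PATH entry '$dir' is not an absolute directory"; continue ;;
        esac
        if [ ! -d "$dir" ]; then
            fail "$dir does not exist"; continue
        fi
        # The step 4 listing shows r-xr-xr-x: flag group/other write bits.
        loose=$(find "$dir" ! -type l \( -perm -020 -o -perm -002 \) -print)
        [ -z "$loose" ] || fail "writable by group/other: $loose"
    done
    [ "$findings" -eq 0 ]
)
```

Run it as root against each restricted user's profile after changing PATH or the contents of /usr/rbin.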