In a datacenter like environment, this will protect the system from below
attacks:
1.Prevents attacker from deploying scripts that run arbitrary executables on the system.
2.Prevents physically present malicious admin to run arbitrary code on the
machine.
Regards,
Jaskaran
So you are trying to protect against people who already have a root shell?
Can't they just e.g. run /usr/bin/python and type in some Python code?
Or run /usr/bin/curl and upload all your secret data to their server.
- Eric