It is intended to provide an additional layer of security, but is insufficient to allow execution of entirely untrusted software.
A restricted mode operation is found in the original Bourne shell[1] and its later counterpart Bash,[2] and in the KornShell.
[3] In some cases a restricted shell is used in conjunction with a chroot jail, in a further attempt to limit access to the system as a whole.
It suffices to create a link named rbash pointing directly to bash.
A user can break out of the restricted environment by running a program that features a shell function.