guestfish shell has an ability to execute commands on the host such as

!mkdir local
tgz-out /remote local/remote-data.tar.gz

What is the best way to  restrict access to host from guestfish ?

For instance, 

- Allow readonly access to host.. i.e., !ls is allowed
       but dont allow !rm or !mkdir 

- commands such as tgz-out, or copy-out should be able to access just  /tmp,  but nothing else in host filesystem

Appreciate your guidance on this,

Thanks

Raghu