The next degree of limitation is to be a restricted shell. In this case, a version of a normal bash shell will prevent users from changing the directory and environment variables, redirecting output, running commands with absolute pathnames, using exec command and some other actions. Restrictions are not enforced for shell scripts. See man bash for more details. Combining rbash with a restrictive configuration of UNIX permissions can help achieve further security.
Rbash is a viable choice if you are trying to somewhat contain trusted users. Its restrictions can be easily overcome (see below).
To test rbash restricted shell functionality:
# adduser nst
# ln -s /bin/bash /bin/rbash
# echo "/bin/rbash" >> /etc/shells
# chsh -s /bin/rbash nst
# cd ~nst
# su nst
$ cd /
rbash: cd: restricted
Note:This has been tested in Ubunut and Redhat linux machines.