Report

CVE-2019-18276: Bash restricted-bypass via enable builtin loading shared objects during startup

2b9498d1-7f60-4e3f-867c-13bb27a187ad

In bash 5.0, the enable builtin with the -f flag can load arbitrary shared objects even when bash is running as a restricted shell (rbash). The vulnerable check in builtins/enable.def line 165 uses if (restricted && (flags & (FFLAG|DFLAG))) — but the restricted variable is temporarily set to 0 during startup file execution (shell.c line 669: restricted = 0 before run_startup_files()). An attacker who controls the startup files (e.g., ~/.bashrc) can call enable -f /evil.so cmd during startup when restricted == 0 but restricted_shell == 1. The dlopen()ed .so's C constructor code executes unrestricted, bypassing all shell-level restrictions. The fix is to check restricted_shell in addition to restricted.
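The check quoted above beside the fix the report describes, as an added C model that is not bash's source or the report's own code. Only the variable names and the condition come from the report; the flag values and the helper function names are constructed for illustration.

```c
#include <stdio.h>

/* Flag values are constructed for this model; the names follow the report. */
#define FFLAG 0x01  /* enable -f: load a builtin from a shared object */
#define DFLAG 0x02  /* enable -d: delete a previously loaded builtin */

static int restricted;        /* enforcement flag, cleared around startup files */
static int restricted_shell;  /* records that the shell was started restricted */

/* Check as quoted in the report: consults only `restricted`. */
static int enable_denied_original(int flags)
{
    return restricted && (flags & (FFLAG | DFLAG));
}

/* Check with the described fix: also consult `restricted_shell`. */
static int enable_denied_fixed(int flags)
{
    return (restricted || restricted_shell) && (flags & (FFLAG | DFLAG));
}

/* Models the startup window: restricted is 0 while startup files run,
   restricted_shell stays 1. Returns 1 if the request is denied there. */
static int denied_during_startup(int (*check)(int), int flags)
{
    int denied;
    restricted_shell = 1;
    restricted = 0;              /* state the report gives for startup files */
    denied = check(flags) != 0;
    restricted = 1;              /* model: restrictions in force after startup */
    return denied;
}

/* The same request once startup has finished. */
static int denied_after_startup(int (*check)(int), int flags)
{
    restricted_shell = 1;
    restricted = 1;
    return check(flags) != 0;
}

int main(void)
{
    printf("startup, original check: %s\n",
           denied_during_startup(enable_denied_original, FFLAG) ? "denied" : "allowed");
    printf("startup, fixed check:    %s\n",
           denied_during_startup(enable_denied_fixed, FFLAG) ? "denied" : "allowed");
    return 0;
}
```

The original check only diverges from the fixed one inside the startup window, which is why the behaviour is easy to miss when testing an interactive rbash session.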