diff --git a/man/empire.6 b/man/empire.6
index 837b1349..efb87060 100644
--- a/man/empire.6
+++ b/man/empire.6
@@ -4,7 +4,7 @@ empire \- Empire client
 .SH SYNOPSIS
 .B empire
 [
-.B \-hkuv
+.B \-hkruv
 ]
 [
 .BI \-2 " outfile"
@@ -37,6 +37,9 @@ Help.  Print brief usage information and exit.
 .B \-k
 If someone else is connected to your country, kill their connection.
 .TP
+.B \-r
+Restricted mode: disable redirections and execute command.
+.TP
 .BI \-s " [host:]port"
 Specify server \fIhost\fR and \fIport\fR.
 .TP
diff --git a/src/client/main.c b/src/client/main.c
index 8e178170..74ab4271 100644
--- a/src/client/main.c
+++ b/src/client/main.c
@@ -69,6 +69,7 @@ print_usage(char *program_name)
     printf("Usage: %s [OPTION]...[COUNTRY [PASSWORD]]\n"
 	   "  -2 FILE         Append log of session to FILE\n"
 	   "  -k              Kill connection\n"
+	   "  -r              Restricted mode, no redirections\n"
 	   "  -s [HOST:]PORT  Specify server HOST and PORT\n"
 	   "  -u              Use UTF-8\n"
 	   "  -h              display this help and exit\n"
@@ -92,7 +93,7 @@ main(int argc, char **argv)
     char *colon;
     int sock;
 
-    while ((opt = getopt(argc, argv, "2:ks:uhv")) != EOF) {
+    while ((opt = getopt(argc, argv, "2:krs:uhv")) != EOF) {
 	switch (opt) {
 	case '2':
 	    auxfname = optarg;
@@ -100,6 +101,9 @@ main(int argc, char **argv)
 	case 'k':
 	    send_kill = 1;
 	    break;
+	case 'r':
+	    restricted = 1;
+	    break;
 	case 's':
 	    port = strdup(optarg);
 	    colon = strrchr(port, ':');
diff --git a/src/client/misc.h b/src/client/misc.h
index 69a86aa6..1fd9f9bd 100644
--- a/src/client/misc.h
+++ b/src/client/misc.h
@@ -44,6 +44,7 @@ extern int eight_bit_clean;
 extern int input_fd;
 extern int send_eof;
 extern FILE *auxfp;
+extern int restricted;
 
 #ifdef HAVE_CURSES_TERMINFO
 void getsose(void);
diff --git a/src/client/servcmd.c b/src/client/servcmd.c
index 2c4ac6e4..0c33758f 100644
--- a/src/client/servcmd.c
+++ b/src/client/servcmd.c
@@ -47,6 +47,7 @@
 
 int eight_bit_clean;
 FILE *auxfp;
+int restricted;
 
 static FILE *redir_fp;
 static int redir_is_pipe;
@@ -161,6 +162,11 @@ redir_authorized(char *arg, char *attempt, int expected)
 {
     size_t seen = seen_input(arg);
 
+    if (restricted) {
+	fprintf(stderr, "Can't %s in restricted mode\n", attempt);
+	return 0;
+    }
+
     if (executing) {
 	fprintf(stderr, "Can't %s in a batch file\n", attempt);
 	return 0;