How to lock down sh, other OS access?

I'm running Zeppelin in docker based on the image on docker hub.  I've noticed that the sh interpreter, and I guess all others, have access to the configuration files.  For example I'm able to change the notebook permissions file using the sh interpreter.  This is clearly a problem.  Is there a way to change what user the interpreters, i guess, run as which won't have permissions to change the application's configuration?   Otherwise, there really isn't any notebook security, right?