Shell programs are commonly known in the art as a way of commanding a computer to execute certain actions. Shell programs may be graphical or text based. Shell tools may include the actual shell commands like list (ls), move (mv), and remove (rm), among others. A shell script may be a series of shell commands stored in a file and executed until the end of the file is reached. Shell commands can access critical resources within a computer. Current shell security uses the security offered by the operating system of the computer, which is mostly user identity-based (e.g. user A can access the file B, while user C cannot).
With the proliferation of downloading programs, scripts, and other data from the Internet or third party sources, there is a need for limiting access to internal computer resources from potentially malicious downloads. An operating system security based on user identity is not enough because a user may unknowingly execute malicious codes and/or scripts. This is a drawback because a program is executed in the security context of its user, therefore, the program has all the permissions associated with the user identity (e.g. user A execute program X which maliciously access file B).