What command rights provide

Command access rights identify the specific commands that can be executed on a Linux or UNIX computer by a user assigned the role to which the rights are added. Command rights also specify whether the commands defined in the right are executed under the user’s own account or using another user account.

There are two primary reasons for defining command rights:

  • To grant access to specific commands that must be executed with elevated privileges
  • To restrict access so that only specific commands can be executed

Granting access using command rights

The most common reason for defining a command right is to grant access to commands that perform privileged operations. For example, you might want to grant users additional privileges to execute specific commands in a standard shell environment that they are not otherwise allowed to execute with the default rights associated with their account.

With this type of command right, most commands are executed in the default shell environment with ordinary user privileges. When users assigned to a role with this type of command right want to use their elevated privileges, they use the dzdo command to invoke the command they have been granted access to. This type of command right is similar to configuring privileges in a sudoers file, then invoking a command using sudo.

This type of command right is appropriate for UNIX users who have a standard shell environment and only need elevated rights to perform specific tasks.

Restricting access using command rights

It is less common, but also possible, to define a command right to restrict access. For example, you might want to create a role that provides strictly controlled access to an explicitly defined subset of shell commands. This type of command right creates a customized restricted environment shell (dzsh) where only explicitly defined commands can be executed. This type of command right is similar to configuring a “whitelist” of allowed commands and is appropriate for users who only need access to a limited set of commands to perform their job.
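
The two uses of command rights described above (granting elevated access through dzdo, and restricting access to an explicit list as dzsh does) can be contrasted in a simplified decision model. This is an added example, not the product's own code: the CommandRight class, the decide function, and the sample roles, paths and accounts are all assumptions made for illustration.

```python
import posixpath
import shlex
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class CommandRight:
    path: str                               # absolute path of the permitted binary
    args: Optional[Tuple[str, ...]] = None  # exact arguments; None allows any
    run_as: Optional[str] = None            # None: run under the user's own account


def find_right(rights: Sequence[CommandRight], cmdline: str) -> Optional[CommandRight]:
    """Return the first right that matches cmdline, or None."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:                      # unbalanced quotes: no match
        return None
    if not argv or not argv[0].startswith("/"):
        return None                         # the model does no PATH lookup
    path = posixpath.normpath(argv[0])      # "/usr/bin/../bin/id" -> "/usr/bin/id"
    for right in rights:
        if path == right.path and right.args in (None, tuple(argv[1:])):
            return right
    return None


def decide(rights: Sequence[CommandRight], user: str, cmdline: str, *,
           restricted: bool, via_dzdo: bool = False) -> Tuple[bool, Optional[str]]:
    """Return (allowed, account the command would run as)."""
    right = find_right(rights, cmdline)
    if restricted or via_dzdo:
        # Restricted shell, or an explicit elevation request: a right must match.
        return (True, right.run_as or user) if right else (False, None)
    return (True, user)                     # ordinary shell, ordinary privileges


# Constructed sample roles (hypothetical names, paths and accounts).
WEB_OPERATOR = [CommandRight("/usr/bin/systemctl", ("restart", "httpd"), run_as="root")]
LOG_VIEWER = [CommandRight("/usr/bin/tail", ("/var/log/app.log",)),
              CommandRight("/usr/bin/id")]
```

In the grant model a command with no matching right still runs, but only with the user's ordinary privileges; in the restricted model the same command is refused outright.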