Protected shell for risk validation

US10452850B2 · US · B2

Patent metadata

Publication number: US-10452850-B2
Application number: US-201414462203-A
Country: US
Kind code: B2
Filing date: Aug 18, 2014
Priority date: Aug 18, 2014
Publication date: Oct 22, 2019
Grant date: Oct 22, 2019

Abstract

Official abstract text for this publication.

On a computer system, a shell is invoked, through which a plurality of commands and/or scripts can be executed. Individual ones of the plurality of commands and/or scripts are validated. Given individual ones of the plurality of commands and/or scripts, for which the validation is successful, are executed via the shell.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: invoking, on a computer system, a shell through which a plurality of at least one of commands and scripts can be executed; validating individual ones of said plurality of at least one of commands and scripts at least in part by simulating execution of said individual ones of said plurality of at least one of commands and scripts to estimate effects of said execution on a configuration of said computer system; and executing, via said shell, given individual ones of said plurality of at least one of commands and scripts, for which said validation is successful.

2. The method of claim 1, wherein said validating is carried out based on user roles, policies, and a configuration profile.

3. The method of claim 2, further comprising: obtaining change tickets; and accessing said configuration profile based on said change tickets.

4. The method of claim 3, wherein said accessing comprises choosing an existing configuration profile based on said change tickets.

5. The method of claim 3, wherein said accessing comprises building a new configuration profile based on said change tickets.

6. The method of claim 3, wherein said validating is carried out at shell level by said shell.

7. The method of claim 6, wherein said validating comprises: assigning each individual one of said plurality of at least one of commands and scripts to a category, said categories comprising at least a GO category and a NO GO category; accepting individual ones of said plurality of at least one of commands and scripts in said GO category; and rejecting individual ones of said plurality of at least one of commands and scripts in said NO GO category.

8. The method of claim 7, wherein, in said assigning step, said categories further comprise a NOT SURE category, further comprising: accepting individual ones of said plurality of at least one of commands and scripts in said NOT SURE category if policy-compliant; and rejecting individual ones of said plurality of at least one of commands and scripts in said NO GO category if not policy-compliant.

9. The method of claim 3, wherein said validating is carried out at operating system level.

10. The method of claim 9, wherein said validating comprises, for a plurality of system calls associated with said plurality of at least one of commands and scripts: accepting non-intrusive ones of said system calls; accepting intrusive ones of said system calls, if policy-compliant; and rejecting intrusive ones of said system calls, if not policy-compliant.

11. The method of claim 1, wherein said executing comprises changing said configuration of said computer system.

12. A computer system comprising: a memory; and at least one processor, coupled to said memory, and operative to: invoke a shell through which a plurality of at least one of commands and scripts can be executed; validate individual ones of said plurality of at least one of commands and scripts at least in part by simulating execution of said individual ones of said plurality of at least one of commands and scripts to estimate effects of said execution on a configuration of said computer system; and execute, via said shell, given individual ones of said plurality of at least one of commands and scripts, for which said validation is successful.

13. The computer system of claim 12, wherein said at least one processor is operative to validate based on user roles, policies, and a configuration profile.

14. The computer system of claim 13, wherein said at least one processor is further operative to: obtain change tickets; and access said configuration profile based on said change tickets.

15. The computer system of claim 14, wherein said at least one processor is operative to access by choosing an existing configuration profile based on said change tickets.

16. The computer system of claim 14, wherein said at least one processor is operative to access by building a new configuration profile based on said change tickets.

17. A computer program product, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, wherein the computer readable storage medium is not a transitory signal per se, the program instructions executable by a computer system to cause the computer system to perform a method comprising: invoking, on the computer system, a shell through which a plurality of at least one of commands and scripts can be executed; validating individual ones of said plurality of at least one of commands and scripts at least in part by simulating execution of said individual ones of said plurality of at least one of commands and scripts to estimate effects of said execution on a configuration of said computer system; and executing, via said shell, given individual ones of said plurality of at least one of commands and scripts, for which said validation is successful.

18. The computer program product of claim 17, wherein said validating is carried out based on user roles, policies, and a configuration profile.

19. The computer program product of claim 18, wherein the program instructions are executable by the computer system to cause the computer system to perform said method, said method further comprising: obtaining change tickets; and accessing said configuration profile based on said change tickets.

20. The computer program product of claim 19, wherein said accessing comprises choosing an existing configuration profile based on said change tickets.

21. The computer program product of claim 19, wherein said accessing comprises building a new configuration profile based on said change tickets.
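
The shell-level categorization of claims 7 and 8, combined with the role, policy and change-ticket profile lookup of claims 2 to 4, can be sketched as follows. This is an added example, not code from the patent or its assignee; the command lists, the profile structure, the role name and the ticket id CHG-0001 are constructed assumptions, and the simulation step of claim 1 is not modelled.

```python
import shlex

# Constructed sample data: the lists, role and ticket id are assumptions, not from the patent.
READ_ONLY = {"ls", "cat", "grep", "ps", "df", "uname"}   # GO: inspect only
FORBIDDEN = {"mkfs", "dd", "shutdown", "reboot"}          # NO GO under any ticket
SHELL_META = set(";|&`$<>(){}\n")                         # chaining, substitution, redirection

# Hypothetical configuration profiles keyed by change ticket: permitted roles plus
# the exact argument strings each state-changing program may be run with.
PROFILES = {
    "CHG-0001": {
        "roles": {"dba"},
        "allowed": {"systemctl": {"restart postgresql"}},
    },
}


def categorize(command):
    """Return (category, argv) with category in GO / NO GO / NOT SURE."""
    if any(ch in SHELL_META for ch in command):
        return "NO GO", []          # cannot vouch for composed commands: fail closed
    try:
        argv = shlex.split(command)
    except ValueError:              # unbalanced quotes
        return "NO GO", []
    if not argv or "/" in argv[0] or argv[0] in FORBIDDEN:
        return "NO GO", argv        # explicit paths would sidestep the name lists
    if argv[0] in READ_ONLY:
        return "GO", argv
    return "NOT SURE", argv


def validate(command, role, ticket):
    """Return (accepted, category); NOT SURE is accepted only if policy-compliant."""
    category, argv = categorize(command)
    if category != "NOT SURE":
        return category == "GO", category
    profile = PROFILES.get(ticket)
    if profile is None or role not in profile["roles"]:
        return False, category      # no ticket or wrong role: default deny
    args = " ".join(argv[1:])
    return args in profile["allowed"].get(argv[0], set()), category


if __name__ == "__main__":
    for cmd in ("ls -l /etc", "systemctl restart postgresql",
                "systemctl stop sshd", "ls; reboot"):
        print(cmd, "->", validate(cmd, "dba", "CHG-0001"))
```

Anything the validator cannot parse or classify is rejected, so a command outside the ticket's profile fails even when the operator's role is otherwise valid.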

Classifications

  • Test or assess software · CPC title

  • by source code analysis · CPC title

  • G06F21/577 (Primary)

    Assessing vulnerabilities and evaluating computer system security · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06F21/577. Mapped technology areas include Physics.
When was this patent published?
Publication date Oct 22, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).