You
can make scripts for Windows PowerShell just as you can make scripts in the traditional
command shell, except that Windows PowerShell has a more complete scripting
language where looping and various logic braches can be readily implemented. In fact,
since it is built on top of the .NET Framework, PowerShell uses much of the same syntax
and naming conventions as the .NET programming languages such as C#.
Unfortunately, the ability to automate tasks has been exploited numerous times by
virus, worm, and spyware writers all over the world. To address some of these concerns,
a few default settings are built into PowerShell:
?–? No file is associated with the PowerShell executable. That means, for example,
that even if you create a PowerShell script called myps.ps1 (.ps1 is the
extension used for PowerShell scripts), you can??™t simply run it by doubleclicking
it. It will, however, open in Notepad instead so you can view the
source.
?– You can run only scripts that are signed and trusted by your system??™s
certificate store.
?–? When allowed, you can run a script from the PowerShell interface, but you
must always explicitly enter the path. So if a malicious hacker places a script
name similar to another command in your search path somewhere, you won??™t
execute that malicious script instead of the intended command.
Obviously, these measures aren??™t foolproof, but they certainly help limit the security
exposure.
Pages:
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469