Executing scripts in the current directory

I guess I've casually accepted that in Monad ... then PowerShell ...
that I can't execute a script by typing:

ScriptName

or

ScriptName.ps1

I know that I have to type .\ScriptName.ps1 or .\ScriptName.

No problem practically speaking.

I've heard it said that it's a security feature.

If I can figure out that the command is .\ScriptName.ps1 or
..\ScriptName surely any hacker can do that too?

So what's the basis of the assumed added security?

Am I being extra obtuse today?

Thanks

Andrew Watt MVP

I've asked this before and the answer I got was basically "What if a bad program
executed without admin rights, and littered the drive with another bad program
that had the same name as a system command (like DIR)? Then when an admin was in
that directory and typed the DIR command the bad program would run with admin
rights."

I agree that it is possible, but it rarely happens and anti-virus should catch
it and I'm getting tired of doing more work and extra steps for these what if
scenarios. What if a bad guy breaks a window and comes into my house? Does
that mean I should replace all my windows with bricks? Well maybe, but that's a
choice I get to make, a balance between security and convenience/enjoyment.
PowerShell gives me no choice between risk and productivity here.

Microsoft has been beat up so hard about security (and most of it was justified)
that now they're taking it too far and actually hurting productivity. Another
example is the command prompt in Windows Vista, you can't drag'n'drop a program
on to the cmd.exe window anymore, many many people complained about this in the
beta feedback forum but Microsoft would not even comment on it. We can only
assume it was for extra security, and the fact that I can't turn it off really
annoys me.


"Andrew Watt [MVP]" <SVGDeveloper@aol.com> wrote in message
news:8qeml2hrb11e2ql0aopk1ofcjp9ev9j14p@4ax.com...
>I guess I've casually accepted that in Monad ... then PowerShell ...
> that I can't execute a script by typing:
>
> ScriptName
>
> or
>
> ScriptName.ps1
>
> I know that I have to type .\ScriptName.ps1 or .\ScriptName.
>
> No problem practically speaking.
>
> I've heard it said that it's a security feature.
>
> If I can figure out that the command is .\ScriptName.ps1 or
> .\ScriptName surely any hacker can do that too?
>
> So what's the basis of the assumed added security?
>
> Am I being extra obtuse today?
>
> Thanks
>
> Andrew Watt MVP

"Marty List" wrote:

> We can only assume it was for extra security, and the fact that I can't turn it off
> really annoys me.

You can turn on executing of scripts in the current directory. All you need
to do is include the current directory "." in your environment search path.
PowerShell just tries to be secure by default here. If you like to have your
key under your doormat, then do it - it's your choice!
Frankly, I don't see the need for this because tab-expansion should add ".\"
and ".ps1" for you.

--
greetings
dreeschkind

> "Andrew Watt [MVP]" <SVGDeveloper@aol.com> wrote in message
> news:8qeml2hrb11e2ql0aopk1ofcjp9ev9j14p@4ax.com...
> >I guess I've casually accepted that in Monad ... then PowerShell ...
> > that I can't execute a script by typing:
> >
> > ScriptName
> >
> > or
> >
> > ScriptName.ps1
> >
> > I know that I have to type .\ScriptName.ps1 or .\ScriptName.
> >
> > No problem practically speaking.
> >
> > I've heard it said that it's a security feature.
> >
> > If I can figure out that the command is .\ScriptName.ps1 or
> > .\ScriptName surely any hacker can do that too?
> >
> > So what's the basis of the assumed added security?
> >
> > Am I being extra obtuse today?
> >
> > Thanks
> >
> > Andrew Watt MVP
>
>
>

"dreeschkind" <dreeschkind@discussions.microsoft.com> wrote in message
news:3A34147D-FD8F-40AD-BCA7-9AF95C01A38B@microsoft.com...
>
> You can turn on executing of scripts in the current directory. All you need
> to do is include the current directory "." in your environment search path.
> PowerShell just tries to be secure by default here. If you like to have your
> key under your doormat, then do it - it's your choice!
> Frankly, I don't see the need for this because tab-expansion should add ".\"
> and ".ps1" for you.
>

Thanks for the tip, I forgot about that. My problem is that I use so many
different systems at different locations and customizing everything all the time
gets tedious. I just need to add this to the scripts in my tools folder that I
always have with me.

On Wed, 15 Nov 2006 11:18:38 -0700, "Marty List" <usenet@optimumx.com>
wrote:

>Thanks for the tip, I forgot about that. My problem is that I use so many
>different systems at different locations and customizing everything all the time
>gets tedious. I just need to add this to the scripts in my tools folder that I
>always have with me.

$envath += ";."

will probably do it (assumes the last path in the PATH environment
variable doesn't end in a semicolon).

Andrew Watt MVP