![]() |
![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
![]() |
| |
| | #1 (permalink) |
| | Executing scripts in the current directory I guess I've casually accepted that in Monad ... then PowerShell ... that I can't execute a script by typing: ScriptName or ScriptName.ps1 I know that I have to type .\ScriptName.ps1 or .\ScriptName. No problem practically speaking. I've heard it said that it's a security feature. If I can figure out that the command is .\ScriptName.ps1 or ..\ScriptName surely any hacker can do that too? So what's the basis of the assumed added security? Am I being extra obtuse today? Thanks Andrew Watt MVP |
My System Specs![]() |
| | #2 (permalink) |
| | Re: Executing scripts in the current directory I've asked this before and the answer I got was basically "What if a bad program executed without admin rights, and littered the drive with another bad program that had the same name as a system command (like DIR)? Then when an admin was in that directory and typed the DIR command the bad program would run with admin rights." I agree that it is possible, but it rarely happens and anti-virus should catch it and I'm getting tired of doing more work and extra steps for these what if scenarios. What if a bad guy breaks a window and comes into my house? Does that mean I should replace all my windows with bricks? Well maybe, but that's a choice I get to make, a balance between security and convenience/enjoyment. PowerShell gives me no choice between risk and productivity here. Microsoft has been beat up so hard about security (and most of it was justified) that now they're taking it too far and actually hurting productivity. Another example is the command prompt in Windows Vista, you can't drag'n'drop a program on to the cmd.exe window anymore, many many people complained about this in the beta feedback forum but Microsoft would not even comment on it. We can only assume it was for extra security, and the fact that I can't turn it off really annoys me. "Andrew Watt [MVP]" <SVGDeveloper@aol.com> wrote in message news:8qeml2hrb11e2ql0aopk1ofcjp9ev9j14p@4ax.com... >I guess I've casually accepted that in Monad ... then PowerShell ... > that I can't execute a script by typing: > > ScriptName > > or > > ScriptName.ps1 > > I know that I have to type .\ScriptName.ps1 or .\ScriptName. > > No problem practically speaking. > > I've heard it said that it's a security feature. > > If I can figure out that the command is .\ScriptName.ps1 or > .\ScriptName surely any hacker can do that too? > > So what's the basis of the assumed added security? > > Am I being extra obtuse today? > > Thanks > > Andrew Watt MVP |
My System Specs![]() |
| | #3 (permalink) |
| | Re: Executing scripts in the current directory "Marty List" wrote: > We can only assume it was for extra security, and the fact that I can't turn it off > really annoys me. You can turn on executing of scripts in the current directory. All you need to do is include the current directory "." in your environment search path. PowerShell just tries to be secure by default here. If you like to have your key under your doormat, then do it - it's your choice! Frankly, I don't see the need for this because tab-expansion should add ".\" and ".ps1" for you. -- greetings dreeschkind > "Andrew Watt [MVP]" <SVGDeveloper@aol.com> wrote in message > news:8qeml2hrb11e2ql0aopk1ofcjp9ev9j14p@4ax.com... > >I guess I've casually accepted that in Monad ... then PowerShell ... > > that I can't execute a script by typing: > > > > ScriptName > > > > or > > > > ScriptName.ps1 > > > > I know that I have to type .\ScriptName.ps1 or .\ScriptName. > > > > No problem practically speaking. > > > > I've heard it said that it's a security feature. > > > > If I can figure out that the command is .\ScriptName.ps1 or > > .\ScriptName surely any hacker can do that too? > > > > So what's the basis of the assumed added security? > > > > Am I being extra obtuse today? > > > > Thanks > > > > Andrew Watt MVP > > > |
My System Specs![]() |
| | #4 (permalink) |
| | Re: Executing scripts in the current directory "dreeschkind" <dreeschkind@discussions.microsoft.com> wrote in message news:3A34147D-FD8F-40AD-BCA7-9AF95C01A38B@microsoft.com... > > You can turn on executing of scripts in the current directory. All you need > to do is include the current directory "." in your environment search path. > PowerShell just tries to be secure by default here. If you like to have your > key under your doormat, then do it - it's your choice! > Frankly, I don't see the need for this because tab-expansion should add ".\" > and ".ps1" for you. > Thanks for the tip, I forgot about that. My problem is that I use so many different systems at different locations and customizing everything all the time gets tedious. I just need to add this to the scripts in my tools folder that I always have with me. |
My System Specs![]() |
| | #5 (permalink) |
| | Re: Executing scripts in the current directory On Wed, 15 Nov 2006 11:18:38 -0700, "Marty List" <usenet@optimumx.com> wrote: >Thanks for the tip, I forgot about that. My problem is that I use so many >different systems at different locations and customizing everything all the time >gets tedious. I just need to add this to the scripts in my tools folder that I >always have with me. $env ath += ";."will probably do it (assumes the last path in the PATH environment variable doesn't end in a semicolon). Andrew Watt MVP |
My System Specs![]() |
![]() |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| executing scripts within a web browser control under the system ac | .NET General | |||
| Executing PowerShell Scripts with IIS | PowerShell | |||
| executing powershell scripts on server | PowerShell | |||
| Executing batch files in PS scripts | PowerShell | |||
| how do I keep powershells current directory and dotnets current directory in sync | PowerShell | |||