Windows Vista Forums

Executing scripts in the current directory
  1. #1


    Andrew Watt [MVP] Guest

    Executing scripts in the current directory

    I guess I've casually accepted that in Monad ... then PowerShell ...
    that I can't execute a script by typing:

    ScriptName

    or

    ScriptName.ps1

    I know that I have to type .\ScriptName.ps1 or .\ScriptName.



    No problem practically speaking.

    I've heard it said that it's a security feature.

    If I can figure out that the command is .\ScriptName.ps1 or
    ..\ScriptName surely any hacker can do that too?

    So what's the basis of the assumed added security?

    Am I being extra obtuse today?

    Thanks

    Andrew Watt MVP

      My System SpecsSystem Spec

  2. #2


    Marty List Guest

    Re: Executing scripts in the current directory


    I've asked this before and the answer I got was basically "What if a bad program
    executed without admin rights, and littered the drive with another bad program
    that had the same name as a system command (like DIR)? Then when an admin was in
    that directory and typed the DIR command the bad program would run with admin
    rights."

    I agree that it is possible, but it rarely happens and anti-virus should catch
    it and I'm getting tired of doing more work and extra steps for these what if
    scenarios. What if a bad guy breaks a window and comes into my house? Does
    that mean I should replace all my windows with bricks? Well maybe, but that's a
    choice I get to make, a balance between security and convenience/enjoyment.
    PowerShell gives me no choice between risk and productivity here.

    Microsoft has been beat up so hard about security (and most of it was justified)
    that now they're taking it too far and actually hurting productivity. Another
    example is the command prompt in Windows Vista, you can't drag'n'drop a program
    on to the cmd.exe window anymore, many many people complained about this in the
    beta feedback forum but Microsoft would not even comment on it. We can only
    assume it was for extra security, and the fact that I can't turn it off really
    annoys me.


    "Andrew Watt [MVP]" <SVGDeveloper@aol.com> wrote in message
    news:8qeml2hrb11e2ql0aopk1ofcjp9ev9j14p@4ax.com...
    >I guess I've casually accepted that in Monad ... then PowerShell ...
    > that I can't execute a script by typing:
    >
    > ScriptName
    >
    > or
    >
    > ScriptName.ps1
    >
    > I know that I have to type .\ScriptName.ps1 or .\ScriptName.
    >
    > No problem practically speaking.
    >
    > I've heard it said that it's a security feature.
    >
    > If I can figure out that the command is .\ScriptName.ps1 or
    > .\ScriptName surely any hacker can do that too?
    >
    > So what's the basis of the assumed added security?
    >
    > Am I being extra obtuse today?
    >
    > Thanks
    >
    > Andrew Watt MVP




      My System SpecsSystem Spec

  3. #3


    dreeschkind Guest

    Re: Executing scripts in the current directory

    "Marty List" wrote:

    > We can only assume it was for extra security, and the fact that I can't turn it off
    > really annoys me.


    You can turn on executing of scripts in the current directory. All you need
    to do is include the current directory "." in your environment search path.
    PowerShell just tries to be secure by default here. If you like to have your
    key under your doormat, then do it - it's your choice!
    Frankly, I don't see the need for this because tab-expansion should add ".\"
    and ".ps1" for you.

    --
    greetings
    dreeschkind

    > "Andrew Watt [MVP]" <SVGDeveloper@aol.com> wrote in message
    > news:8qeml2hrb11e2ql0aopk1ofcjp9ev9j14p@4ax.com...
    > >I guess I've casually accepted that in Monad ... then PowerShell ...
    > > that I can't execute a script by typing:
    > >
    > > ScriptName
    > >
    > > or
    > >
    > > ScriptName.ps1
    > >
    > > I know that I have to type .\ScriptName.ps1 or .\ScriptName.
    > >
    > > No problem practically speaking.
    > >
    > > I've heard it said that it's a security feature.
    > >
    > > If I can figure out that the command is .\ScriptName.ps1 or
    > > .\ScriptName surely any hacker can do that too?
    > >
    > > So what's the basis of the assumed added security?
    > >
    > > Am I being extra obtuse today?
    > >
    > > Thanks
    > >
    > > Andrew Watt MVP

    >
    >
    >


      My System SpecsSystem Spec

  4. #4


    Marty List Guest

    Re: Executing scripts in the current directory


    "dreeschkind" <dreeschkind@discussions.microsoft.com> wrote in message
    news:3A34147D-FD8F-40AD-BCA7-9AF95C01A38B@microsoft.com...
    >
    > You can turn on executing of scripts in the current directory. All you need
    > to do is include the current directory "." in your environment search path.
    > PowerShell just tries to be secure by default here. If you like to have your
    > key under your doormat, then do it - it's your choice!
    > Frankly, I don't see the need for this because tab-expansion should add ".\"
    > and ".ps1" for you.
    >


    Thanks for the tip, I forgot about that. My problem is that I use so many
    different systems at different locations and customizing everything all the time
    gets tedious. I just need to add this to the scripts in my tools folder that I
    always have with me.




      My System SpecsSystem Spec

  5. #5


    Andrew Watt [MVP] Guest

    Re: Executing scripts in the current directory

    On Wed, 15 Nov 2006 11:18:38 -0700, "Marty List" <usenet@optimumx.com>
    wrote:

    >Thanks for the tip, I forgot about that. My problem is that I use so many
    >different systems at different locations and customizing everything all the time
    >gets tedious. I just need to add this to the scripts in my tools folder that I
    >always have with me.


    $envath += ";."

    will probably do it (assumes the last path in the PATH environment
    variable doesn't end in a semicolon).

    Andrew Watt MVP

      My System SpecsSystem Spec

Executing scripts in the current directory problems?

Similar Threads
Thread Thread Starter Forum Replies Last Post
executing scripts within a web browser control under the system ac QSIDeveloper .NET General 0 08 Apr 2009
Executing PowerShell Scripts with IIS officer07 PowerShell 2 21 Nov 2008
executing powershell scripts on server how to display variable value? PowerShell 2 03 Oct 2008
Executing batch files in PS scripts David PowerShell 5 28 Jun 2007
how do I keep powershells current directory and dotnets current directory in sync Harald Ums \(2179630\) PowerShell 1 21 Jun 2007