-ExecutionPolicy Bypass我知道您可以通过在命令行中传递来绕过 PowerShell 中的当前执行策略,但这实际上起了什么作用?
我知道它允许脚本运行,但我假设它会阻止标准用户运行可能危害系统/网络的 cmdlet?
如果你问我为什么要让标准用户运行 PowerShell 脚本,基本上是因为网络上有一个应用程序,它有许多可以传递给它的开关。有时,用户可能需要更改这些开关。所以我认为 PowerShell 可能是最好的选择。
脚本如下:
$app = "C:\Path\To\Application.exe"
$path = "C:\Path\To\File.dat"
$switches = @('/switch1', '/switch2', '/switch3')
Start-Process $app "-File ""$path"" ""$switches"""
答案1
让我们从基本的默认值开始ExecutionPolicy:Restricted
Restricted
1. Permits individual commands, but will not run scripts.
2. Prevents running of all script files, including formatting and configuration files (.ps1xml), module script files (.psm1), and Windows PowerShell profiles (.ps1).
如果您绕过ExecutionPolicy,您将允许运行任何 Windows PowerShell 脚本,无论是内部人员创建的还是下载的......
Bypass
1. Nothing is blocked and there are no warnings or prompts.
2. This execution policy is designed for configurations in which a Windows PowerShell script is built in to a larger application or for configurations in which Windows PowerShell is the foundation for a program that has its own security model.
您最好将其设置ExecutionPolicy为RemoteSigned(因此签署您的 PowerShell 脚本)或Unrestricted(让运行此脚本的人确保它是正确的,因为他们会收到弹出窗口)。
您可以ExecutionPolicy在 Microsoft 的about_ExecutionPolicies文章。