Chapter 17. Security alert!

By now, you’re probably starting to get a feel for how powerful PowerShell can be—and you’re wondering whether all that power might be a security problem. It might be. Our goal in this chapter is to help you understand exactly how PowerShell can impact security in your environment, and how to configure PowerShell to provide exactly the balance of security and power you require. Also, pretty much everything in this chapter is specific to the Windows editions of PowerShell; macOS and Linux don’t include most of these features, as they’re not in keeping with the traditional shell experience on those platforms.

17.1. Keeping the shell secure

When PowerShell was introduced in late 2006, Microsoft didn’t exactly have a spotless record on security and scripting. After all, VBScript and Windows Script Host (WSH) were probably two of the most popular virus and malware vectors of the time, serving as entry points for such infamous viruses as I Love You, Melissa, and many others. When the PowerShell team announced that they were creating a new command-line shell that would offer unprecedented power and functionality, as well as scripting capabilities, we’re sure alarms went off, people were evacuated from buildings, and everyone gnashed their teeth in dismay.

17.2. Windows PowerShell security goals

17.3. Execution policy and code signing

17.4. Other security measures

17.5. Other security holes?

17.6. Security recommendations

17.7. Lab