hasse
hasse

Reputation: 903

Is setting ExecutionPolicy to Unrestricted for CurrentUser a security breach?

I have a couple of aliases I like to have in my PowerShell on my Windows 10.

I want them to persist between sessions, so I have put them in a profile.ps1 file under C:\Users{username}\Documents\WindowsPowerShell.

I am getting this annoying "cannot be loaded because running scripts is disabled on this system." error message, and have found this page on how to get rid of it: https://social.technet.microsoft.com/Forums/en-US/3e4a9006-d47d-4e19-96f4-10327ae0c5b1/not-able-to-run-script-in-windows-10?forum=winserverpowershell

In here someone says that this line will help:

Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force -Verbose

But is it hazardous to just set the execution policy to unrestricted for my user?

Upvotes: 4

Views: 6450

Answers (1)

Bruce Payette
Bruce Payette

Reputation: 2629

ExecutionPolicy is not a security boundary. As someone opined elsewhere in a comment, it is a safety feature. Think seat belt not door lock. But seat belts mitigate risk so it's better to use them than not. ExecutionPolicy mitigates the risk of unintentionally running malicious code. The generally recommended minimum policy is RemoteSigned.

Upvotes: 6

Related Questions