If I create a PowerShell runspace, either programmatically with .NET or just by launching the PowerShell console, how secure are the scripts/commands that are run?

I'm not speaking about signing scripts, but the actual memory space that the scripts are run in.
I'm worried that if sensitive information is gathered as part of the script (a SQL query into a salary database, for example) that someone could hack this data out.

I know most people are thinking SecureString at this point, I know about SecureString.... I'm wanting to know specifically about the PowerShell runspace, not how to store strings securely inside a runspace (let's hope that last sentence didn't just answer my own question).

Specifically: Are other applications/scripts/whatever able to peer into the runspace and see the commands I'm running?

JasonMArcher
GordonBy
  • I'm no expert but I think PowerShell plays by the same rules of other processes. Each process has certain privileges depending on what user it runs as, and some [have access to the memory of other processes](http://stackoverflow.com/questions/1989783/how-is-it-possible-to-access-memory-of-other-processes). I think you're right that you'll have to encrypt information in memory if you're paranoid. I think the open source program [KeePass](http://keepass.info/) does this. It's probably not .NET but its code might be educational. Reminder, though, I'm not a security or OS expert. Hope this helps. – Vimes Feb 06 '14 at 20:43

1 Answer


PowerShell script security works by controlling whether or not a script is "allowed" to run on your machine. If you have a machine running an execution policy of "AllSigned", that machine will require the PowerShell script to be signed by a trusted certificate.

Scott Hanselman has a really good article on it here.

To my knowledge, your command history isn't permanently saved. You can do a "get-history" to see the commands you've entered in your current session, but it's not like Linux/Unix where "history" will contain all of the commands you've ever run on the system. As far as other applications being able to "peer into" or query your session, I have no idea.

Aaron
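
Apart from process memory, the commands run in a session can also be recorded on disk or in event logs, where other accounts may be able to read them. The read-only script below is an added example, not part of the answer above or of any poster's code; it lists the execution policy per scope, the session history count, the PSReadLine history file with its ACL, and the logging policies. It assumes Windows PowerShell 5.x, where PSReadLine may be loaded and the policy keys live under `HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell`.

```powershell
# Added example: report where commands from a PowerShell session may be recorded.
# Read-only; it changes no settings. Assumes Windows PowerShell 5.x.

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Returns the registry value, or $null when the policy key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

# 1. Execution policy at every scope (MachinePolicy and UserPolicy come from Group Policy).
Get-ExecutionPolicy -List | Format-Table -AutoSize

# 2. In-memory history of the current session (what Get-History returns).
"Entries in this session's Get-History: {0}" -f @(Get-History).Count

# 3. PSReadLine, when loaded, can also write interactive commands to a file.
if (Get-Command Get-PSReadLineOption -ErrorAction SilentlyContinue) {
    $opt = Get-PSReadLineOption
    "PSReadLine HistorySaveStyle: {0}" -f $opt.HistorySaveStyle
    "PSReadLine HistorySavePath : {0}" -f $opt.HistorySavePath
    if (Test-Path -LiteralPath $opt.HistorySavePath) {
        # Show which accounts can read the persisted history file.
        (Get-Acl -LiteralPath $opt.HistorySavePath).Access |
            Format-Table IdentityReference, FileSystemRights -AutoSize
    }
} else {
    "PSReadLine is not loaded in this host; no history file is written by it."
}

# 4. Group Policy settings that record commands outside the session.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'
[pscustomobject]@{
    ScriptBlockLogging  = Get-PolicyValue "$base\ScriptBlockLogging" 'EnableScriptBlockLogging'
    Transcription       = Get-PolicyValue "$base\Transcription" 'EnableTranscripting'
    TranscriptDirectory = Get-PolicyValue "$base\Transcription" 'OutputDirectory'
} | Format-List
```

An empty value in the last table means the corresponding policy is not configured on the machine.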