PowerShell Sign Code And Upload In The PowerShell Gallery

PowerShell_sign_code_and_upload_in_the_PowerShell galleryPowerShell_sign_code_and_upload_in_the_PowerShell galleryLast friday at the PowerShell Usergroup Hannover I briefly talked about CodeSigning for PowerShell modules for upload to the PowerShell Gallery. Well, the interest of my colleagues was bigger than expected and also some questions remained unanswered. Here also some things have changed. Fact is, most modules in the Gallery are unsigned. In the end, the question always arises, why sign at all, when the PowerShell execution policy can be so easily overridden?For example it is possible to execute arbitrary code with

Powershell.exe -ExecutionPolicy Bypass -File <PathToPowershellSkript.ps1>.

I have been using code signing certificates for my community PowerShell scripts for several years. This is especially well received by our customers. Our work is digitally signed with it. Furthermore the inhibitions are a little bit bigger to change scripts later because the signature block always has to be changed.

Continue reading
  10741 Hits

@nickinformation Tweets

My german Blog: 

http://www.software-virtualisierung.de

in 

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.