h1

Monaday #2

December 17, 2007

powershell logo At first I was quite enthusiastic about PowerShell. Far better to have a modern scripting shell, made of the same fabric as current versions of Windows, than some stale leftover from 16 bit DOS.

Having taken my first few tentative steps, I set about creating the PowerShell equivalent of a DOS batch file. It would be an interesting learning process to, say, migrate my command line solution for video encoding to the new scripting medium.

I soon discovered the PowerShell equivalent of the .bat file is the .ps1 file. Simple experiment: put a PowerShell command such as “get-process” in a text file, save and rename so it has a .ps1 extension, double-click and it should run. But it just opens as a text file.

A bad sign. The .ps1 extension does not become associated with PowerShell when you install the latter. You can of course associate .ps1 with PowerShell manually. I tried that, double-clicked, PowerShell opened …. (yes! yes!) … then a load of red error messages appeared for a couple of microseconds and PowerShell closed again.

Apparently there is no way to run a PowerShell script by double-clicking a script file in an explorer window. You have to launch PowerShell manually and then run the script explicitly, giving its full pathname. This is for security reasons. It’s all explained here and is all about preventing “command hijacking”.

No wonder the .ps1 file extension does not get associated with PowerShell. There’s no point if you can’t run a script by clicking on the file.

Well I’m delighted that PowerShell is so secure, but less thrilled that it’s so inconvenient to use. So inconvenient as to make it all but useless. What is the point of a scripting language if you can’t use it to make life easier by replacing a series of commands with a simple click? Am I missing something?

I’m well aware of the security issues, including command hijacking, but there must be a better way to stop hackers dead in their tracks than crippling the scripting system to the point where it’s more trouble than it’s worth to use it.

What is Microsoft’s strategy here? Do they want to promote the new and safer PowerShell and phase out the old DOS box? You’d think so. To achieve that they need to encourage users to adopt PowerShell by promoting it and making it easy to use. But there is scant publicity and the security lock-down is a killer. Meantime the DOS box is still there with all its security vulnerabilities.

Which of the two do Microsoft expect real people to use? How does releasing a technologically up to date, secure but inconvenient new scripting system, while leaving the old insecure but easy to use system in place, help anyone migrate towards safer practices? Or reap any benefits for that matter?

I’m in two minds whether to bother with Monaday #3 et seq. If the DOS box is dead then PowerShell may soon be joining it in the same coffin.

AddThis Social Bookmark Button

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: