please look at the following URL: URL
Now it says the following about downloaded scripts:
"Runs scripts that are downloaded from the Internet and not signed, if the scripts are unblocked, such as by using the Unblock-File cmdlet."
I just downloaded a script from the technet gallery (PS2EXE) and I could run the test script that was included just fine without using the Unblock_file cmdlet. What is going on? Am i misunderstanding what Microsoft is telling me or is this a glitch?
help unblock-file
:The idea of a file being "remote" or "coming from the internet" is data on your local computer filesystem which has to be put there by the tool that downloads the file, it's not included in the file during the download.
If you downloaded a file through Internet Explorer, maybe FireFox, Invoke-WebRequest, these will add it. If you download with something else, the tool might not add this alternate stream.
See how it behaves:
So the main question is, if you run
Get-Content file.ps1:Zone.Identifier
and see the ZoneId is3
and can still run the script, andGet-ExecutionPolicy
is RemoteSigned, then you have something odd going on.But my guess is the download tool did not add this data, so the file looks just like a locally created one.
NB. RemoteSigned is not intended to be a security feature, it's intended to be a "help guard against accidentally running scripts before reading them and deliberately choosing to run them" check, like an "are you sure?" box, not like a password prompt.