In a high school environment, could Powershell (in Win7) be used by students for malicious activity? I have been deleting the powershell shortcuts as a precaution on computer Win 7 images to be used by students. My fear was a student could use powershell to write a script to access network shares or worse?????
They can use powershell under their user context so they can automate whatever they could do anyway. As long as your permissions are fine you should be alright. Saying that you can get to a lot more through powershell so they may be able to see things that you'd rather remained obscured and there may be more holes in security even under their user context that can be more easily messed with. It's just the same as a vbs script, .bat file or unrestricted macro. All run under the user context so should all be limited to the same actions performable by the user.
If you use security by obscurity you may need to look into a more active model with things like applocker and program hash rules to lock things down properly. It depends on how far you want or need to go.
There are currently 1 users browsing this thread. (0 members and 1 guests)