Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
PowerShell Module Security
@ferventcoder
Copy link

ferventcoder commented Jun 12, 2015

This seems like a bit of a security issue.

@ferventcoder
Copy link

ferventcoder commented Jun 22, 2015

This seems similar to how we discovered Mocking with Chocolatey - https://github.com/chocolatey/chocolatey/tree/fcc68ba881a52984c187390c7c9de66a787505e9/tests

@ferventcoder
Copy link

ferventcoder commented Jun 22, 2015

Recently I learned you don't even need to overwrite the function, just create an alias with the same name and it doesn't matter what your function is named. If the user is just calling it, without a local scope, it will call your alias instead. https://technet.microsoft.com/en-us/library/hh848304.aspx

Windows PowerShell uses the following
precedence order when it runs commands:

1. Alias
2. Function
3. Cmdlet 
4. Native Windows commands

Update: May only work for the exported functions, not the private ones.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment