starred/RunAsUser
1
0
Fork 0
mirror of https://github.com/KelvinTegelaar/RunAsUser.git synced 2026-04-26 09:05:56 +03:00
Code Issues Projects Releases Packages Wiki Activity

[PR #12] [MERGED] Allow variables in $ScriptBlock #5

New issue
Closed
opened 2026-03-03 13:56:45 +03:00 by kerem · 0 comments
kerem commented 2026-03-03 13:56:45 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/KelvinTegelaar/RunAsUser/pull/12
Author: @cybermoloch
Created: 2/28/2021
Status: Merged
Merged: 3/5/2021
Merged by: @KelvinTegelaar

Base: masterHead: cybermoloch-patch-1

📝 Commits (1)

  • 29e292a Allow variables in $ScriptBlock

📊 Changes

1 file changed (+2 additions, -1 deletions)

View changed files

📝 Public/Invoke-AsCurrentUser.ps1 (+2 -1)

📄 Description

Uses $ExecutionContext.InvokeCommand.ExpandString to expand the $ScriptBlock to evaluate the variables from the calling script/function

Fixes KelvinTegelaar#7

There are security considerations when using this method. Since we are expanding the commands into a less privileged context, I think the risks are quite minimal to non-existent. An alternative would be to output and read back the commands as a temporary file but that has even more security implications (permissions of the files, race condition of the file being written vs read).

I've tested with a one line $ScriptBlock and three line $ScriptBlock.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/KelvinTegelaar/RunAsUser/pull/12 **Author:** [@cybermoloch](https://github.com/cybermoloch) **Created:** 2/28/2021 **Status:** ✅ Merged **Merged:** 3/5/2021 **Merged by:** [@KelvinTegelaar](https://github.com/KelvinTegelaar) **Base:** `master` ← **Head:** `cybermoloch-patch-1` --- ### 📝 Commits (1) - [`29e292a`](https://github.com/KelvinTegelaar/RunAsUser/commit/29e292a512328e797e486616c40524ae0d4e74b2) Allow variables in $ScriptBlock ### 📊 Changes **1 file changed** (+2 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `Public/Invoke-AsCurrentUser.ps1` (+2 -1) </details> ### 📄 Description Uses $ExecutionContext.InvokeCommand.ExpandString to expand the $ScriptBlock to evaluate the variables from the calling script/function Fixes KelvinTegelaar#7 There are security considerations when using this method. Since we are expanding the commands into a less privileged context, I think the risks are quite minimal to non-existent. An alternative would be to output and read back the commands as a temporary file but that has even more security implications (permissions of the files, race condition of the file being written vs read). I've tested with a one line $ScriptBlock and three line $ScriptBlock. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
kerem 2026-03-03 13:56:45 +03:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
beta
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/RunAsUser#5
No description provided.