- This topic has 2 replies, 3 voices, and was last updated 1 month, 3 weeks ago by
November 23, 2020 at 1:27 pm #273523ParticipantTopics: 4Replies: 3Points: 67Rank: Member
I’m quite new to PowerShell, but hey, i’m loving it so far.
I’m writing a scheduler that runs every 15 minutes and receives commands by reading CSV files that I create in another process and drop into an inbox folder. An example command would be to suspend a user account at a specific time.
I want to make sure that the CSV was created by one of my processes and isn’t fake. If I can’t do this then using my above example, it could technically be possible for anyone (with permissions) to drop a CSV into the inbox and suspend an account.
Is there a way that the scheduler can validate the CSV to determine that one of my processes created it?
November 23, 2020 at 2:16 pm #273553ParticipantTopics: 5Replies: 249Points: 985Rank: Major Contributor
A few thoughts on what you can do to solve. 1. Set permissions on the directory/file so only the specific account can write to it. 2. Encrypt the file so only an account with access to the private key can read it. 3. Create a hash of the file and check to ensure the hash is correct in your script (against a secure location that stores the hash).
November 24, 2020 at 4:56 am #273636ParticipantTopics: 13Replies: 41Points: 283Rank: Contributor
I second Mike R’s suggestions.
You could also consider writing to an Azure Table instead of a CSV file.
- You must be logged in to reply to this topic.