Windows PowerShell Blog : PowerShell’s Security Guiding Principles
Using the scope parameter, you can change the scripting levels for the current user only.
PowerShell V2 makes this reality much more transparent through a concept called “Execution Policy Scopes.” In V1, the scopes are as follows. Items on top, if defined, override items below them:
- Machine-Wide Group Policy
- Current-User Group Policy
- Machine-Wide ExecutionPolicy (stored in HKLM)
In V2, the scopes are as follows, with “Process“, ”CurrentUser”, and “LocalMachine” now surfaced as the –Scope parameter to Set-ExecutionPolicy
- Machine-Wide Group Policy
- Current-User Group Policy
- ExecutionPolicy parameter to PowerShell.exe
- PSExecutionContext environment variable
- Current-User ExecutionPolicy (stored in HKCU)
- Machine-Wide ExecutionPolicy (stored in HKLM)
Windows PowerShell Blog : PowerShell’s Security Guiding Principles