In one of my logseq notes, I had saved a Jira sprint board URL.
When I clicked on that URL from logseq, I got an email from the security team at my work:
Our security controls have detected the following encoded PowerShell command run on your host: ..
Encoded command: C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell -NoProfile -NonInteractive –ExecutionPolicy Bypass -EncodedCommand ..
Decoded command: Start ".."
Parent Process: logseq.exe
Parent Process Name: logseq
Can someone please throw some light on why the execution policy is bypassed? Is that necessary? If not, can that be disabled?
This prevent the prompt and interruption during the installation. The Executionpolicy of powershell could be changed, but the adverse effect may add more frictions to the installation process. Alternatively, the security team could whitelist the application…please note that it depends on the security tools being used to monitor corporate computer assets.