This is the first lesson you have to learn as a Linux enthusiast, NEVER run commands you don’t know from the internet
“Nah, just curl this random web address and pipe it over to a sudo bash shell, everything will be fine!”
I hate how this is becoming the official install method for more and more shit. It’s like dude, really? You may as well stick your dick in a garbage disposal, both of those actions are equally safe.
You’re dreaming if you think I’m not going to wget it and read it to see what it does first.
To be fair: This is what everyone expects when you install software for Windows. Just download a more or less “good looking” binary blob, execute it with administrative privileges and hope that it will do what you want it to do.
As a lawyer I feel the same about people not reading contracts and signing stuff or just clicking the accept button. But hey, that’s just how it is unfortunately.
“Nah, just
curl
this random web address and pipe it over to a sudo bash shell, everything will be fine!”I hate how this is becoming the official install method for more and more shit. It’s like dude, really? You may as well stick your dick in a garbage disposal, both of those actions are equally safe.
You’re dreaming if you think I’m not going to
wget
it and read it to see what it does first.To be fair: This is what everyone expects when you install software for Windows. Just download a more or less “good looking” binary blob, execute it with administrative privileges and hope that it will do what you want it to do.
As a lawyer I feel the same about people not reading contracts and signing stuff or just clicking the accept button. But hey, that’s just how it is unfortunately.
At least it’s transparent and often doesn’t require root, unlike say a debian package.
Even worse is when the bash script you downloaded is only there to do some uname checks and then download and execute more code from the internet