I only discovered this recently, and it’s very handy.

Piping scripts directly to bash is a security risk. You can always download the scripts, inspect them and run locally if you so choose.

  • panda_abyss@lemmy.ca
    21 hours ago

    I don’t like that an adversary could modify that link or its contents without much detection or any logging.

    When you compare it to package managers that have immutable versioning, that’s a big downfall. If someone were modifying PyPI or npm packages, I would be surprised if it went undetected.

    Realistically, is that an issue? Probably not. But I do try and reduce my exposure when I can.
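
Added example, not part of the thread: one way to combine the download-inspect-run workflow from the post with a check that the file has not changed since it was reviewed, which is the gap the comment above points out. The function names `sha256_of` and `run_pinned` and the URL are assumptions made for this sketch.

```shell
#!/bin/sh
# Workflow this supports (URL is a placeholder, not a real installer):
#   curl -fsSLo install.sh https://example.invalid/install.sh
#   less install.sh                      # read it before trusting it
#   sha256_of install.sh                 # record this hash after review
#   run_pinned install.sh <recorded-hash> [args...]

# Print the SHA-256 of a file, using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# run_pinned FILE EXPECTED_SHA256 [ARGS...]
# Runs FILE with bash only if its hash matches the pinned value.
# Returns 2 on usage or I/O errors and 1 on a hash mismatch.
run_pinned() {
    if [ "$#" -lt 2 ]; then
        echo "usage: run_pinned FILE EXPECTED_SHA256 [ARGS...]" >&2
        return 2
    fi
    rp_file=$1
    rp_expected=$2
    shift 2

    if [ ! -f "$rp_file" ]; then
        echo "run_pinned: no such file: $rp_file" >&2
        return 2
    fi

    rp_actual=$(sha256_of "$rp_file") || return 2
    if [ "$rp_actual" != "$rp_expected" ]; then
        echo "run_pinned: hash mismatch for $rp_file, refusing to run" >&2
        echo "  expected: $rp_expected" >&2
        echo "  actual:   $rp_actual" >&2
        return 1
    fi

    # The file that was hashed is the file that is executed; nothing is
    # fetched again between the check and the run.
    bash "$rp_file" "$@"
}
```

The pinned hash only helps if it is stored somewhere the download source cannot change, for example in your own dotfiles or provisioning repository.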