1 comment

[ 4.2 ms ] story [ 15.1 ms ] thread
It is generally considered bad and unsafe practice to download a shell script from the Internet and then run it directly in the shell via pipe unchecked. However, many projects now use this and it is even their official way to install their software. There are more elegant ways to do this and one would be to check a hash sum first and then run the script, but this is mostly bypassed by a pipe. The installation scripts are usually not designed for this and therefore often a dangerous practice.

This list should not be a pillory but a list for the overview of which projects use this and where you should be careful as a user. This means to take a look at the install scripts before you run them unchecked.