|
|
|
|
|
|
by nothrabannosir
3217 days ago
|
|
|
That's not the comparison being made. It's between piping curl to bash, or just downloading a script and running it with sudo, without inspecting. Yes, you "could inspect". But this is about the instructions. And instructions to pipe curl to bash are no more or less harmful than instructions to download a binary from a "random" server and run it verbatim. "Piping curl to bash" is a red herring. It's "running unverified code" that's the problem. Piping curl to bash just makes it viscerally obvious how dangerous that is. |
|
|