|
|
|
|
|
|
by xg15
3192 days ago
|
|
|
I think that advice got warped/lost in translation: Wasn't the original advice "dont't paste stuff copied from web pages into the CLI"? - Because a bad page could covertly change what is actually copied via JS. That danger doesn't apply when things are copied from the browser chrome (address bar) or other locations. So why would pasting then still be dangerous? I think blindly passing on advices "because $SECURITY" can actually detrimental to security because you may end up with half a dozen esoteric practices without actually knowing what they defend against. (I know the parent was half-joking, I think that's a more general problem) |
|
|