by KronisLV
1810 days ago
How about the hash being something that you calculate locally?

1. (local) Download the file from the URL.
2. (local) Review it locally, in a text editor.
3. (local) Get its hash locally, from the file in your file system.
4. (SSH) Feed this hash into the fictional tool above.
5. (SSH) If what curl gets is the same as the file that you've reviewed, it gets piped further into bash; otherwise the execution stops and an error is output.

Of course, that's only applicable to this particular case, where a compromised server could detect that a bash pipe is used and return different file contents. That would only be useful in situations where you want to review it on a local device, such as a desktop, and run it on a remote one, such as a server.

Edit: If you want to review it remotely, there's nothing to prevent you from using less or something to view it before manually opening it with Bash. That just requires the discipline to not use one-liners that both download and run it, as long as no such tool like the above exists.

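The five steps above, as an added example that is not part of the original comment: a small POSIX shell function that fetches a script to disk, compares its SHA-256 with the hash you computed on the copy you reviewed, and hands it to bash only on a match. The function names, the `FETCH` variable and the constructed sample script are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the original thread. It implements the
# five steps above as one function: the hash is computed on a copy you
# have already reviewed, and the server-side fetch is executed only if
# its bytes hash to the same value. The function names, the FETCH
# variable and the constructed sample script are assumptions.

# The fetcher is a variable so the check can be exercised against a local
# file (FETCH=cat) with no network; the default is a quiet, fail-on-error curl.
: "${FETCH:=curl -fsSL}"

# Print the SHA-256 of a file: GNU sha256sum, or shasum on BSD/macOS.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# run_verified EXPECTED_SHA256 SOURCE
# Fetches SOURCE into a temp file and runs it with bash only if the file's
# SHA-256 equals EXPECTED_SHA256. Returns the script's exit status, or 1 if
# the fetch failed or the hash did not match (nothing is executed then).
run_verified() {
    expected=$1
    source=$2
    tmp=$(mktemp) || return 1
    # Download to disk first: the bytes that get hashed are exactly the
    # bytes that get executed, so a server cannot serve one body to the
    # hash check and another to bash.
    if ! $FETCH "$source" > "$tmp"; then
        echo "fetch failed: $source" >&2
        rm -f "$tmp"
        return 1
    fi
    actual=$(sha256_of "$tmp")
    if [ "$actual" != "$expected" ]; then
        echo "refusing to run $source: hash mismatch" >&2
        echo "  expected: $expected" >&2
        echo "  got:      $actual" >&2
        rm -f "$tmp"
        return 1
    fi
    bash "$tmp"
    status=$?
    rm -f "$tmp"
    return $status
}

# Demo with a constructed local script (no network): hash the reviewed copy,
# run it through the check, then modify it and show that it is refused.
FETCH=cat
demo=$(mktemp)
printf '%s\n' '#!/bin/bash' 'echo "hello from the reviewed script"' > "$demo"
reviewed_hash=$(sha256_of "$demo")          # step 3, done on the reviewed copy
run_verified "$reviewed_hash" "$demo"        # steps 4-5: matches, so it runs
printf 'echo "added after review"\n' >> "$demo"
run_verified "$reviewed_hash" "$demo" || echo "modified script was not executed"
rm -f "$demo"
```

In real use you would leave `FETCH` at its curl default and call `run_verified <hash from your desktop> https://example.invalid/install.sh` on the server; the point of writing to a temp file rather than hashing a pipe is that the same bytes are both checked and executed.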
You could replace blockchain with checking if it's signed, and the key matches an owner on keybase/github/some other federated identity provider too.
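The signature variant suggested above, as an added example that is not part of either comment: the script travels with a detached `ssh-keygen -Y` signature, and it runs only if that signature verifies against a key you already trust for the author. The function name, the `file` namespace, the principal `author@example.com` and the throwaway keypair generated in the demo are assumptions; in practice the allowed_signers entry would hold the author's published key (for a GitHub user, the keys served at `https://github.com/<user>.keys`).

```shell
#!/bin/sh
# Added example, not code from the original thread. Instead of a hash,
# the downloaded script carries a detached signature, verified with
# ssh-keygen -Y against a list of keys you trust before anything runs.
# The function name, the "file" namespace, the principal
# author@example.com and the throwaway keypair are assumptions; in real
# use the allowed_signers entry would hold the author's published key
# (for a GitHub user, the keys at https://github.com/<user>.keys).

# verify_and_run ALLOWED_SIGNERS PRINCIPAL SCRIPT SIGNATURE
# Executes SCRIPT only if SIGNATURE is a valid signature over it, made in
# namespace "file" by a key listed for PRINCIPAL in ALLOWED_SIGNERS.
verify_and_run() {
    allowed=$1; principal=$2; script=$3; sig=$4
    if ! ssh-keygen -Y verify -f "$allowed" -I "$principal" -n file \
            -s "$sig" < "$script" >/dev/null 2>&1; then
        echo "refusing to run $script: signature not valid for $principal" >&2
        return 1
    fi
    bash "$script"
}

# Demo, only if ssh-keygen is installed: make a throwaway key, sign a
# constructed script, verify-and-run it, then tamper and show it is refused.
if command -v ssh-keygen >/dev/null 2>&1; then
    work=$(mktemp -d)
    ssh-keygen -q -t ed25519 -N '' -f "$work/key"
    # allowed_signers: "<principal> <keytype> <base64 key>" per line.
    awk '{print "author@example.com", $1, $2}' "$work/key.pub" > "$work/allowed_signers"
    printf '%s\n' '#!/bin/bash' 'echo "hello from the signed script"' > "$work/install.sh"
    ssh-keygen -q -Y sign -f "$work/key" -n file "$work/install.sh" >/dev/null 2>&1
    verify_and_run "$work/allowed_signers" author@example.com \
        "$work/install.sh" "$work/install.sh.sig"
    printf 'echo "added after signing"\n' >> "$work/install.sh"
    verify_and_run "$work/allowed_signers" author@example.com \
        "$work/install.sh" "$work/install.sh.sig" || echo "tampered script was not executed"
    rm -rf "$work"
fi
```

Unlike the hash check, the trusted key is pinned once (the allowed_signers file) and any number of future script versions can be accepted without you re-reviewing and re-hashing each one; the trade-off is that you are now trusting the author's key management rather than your own review of a specific file.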