|
|
|
|
|
|
by bravetraveler
1303 days ago
|
|
|
Precisely, if this is the suggested distribution method then I have to assume there's been even less investment in 'undistribution' It's possible for installers to be this full-featured, but it's plagued with footguns. They try and often fail to make an idempotent shellrc patcher with command line pipes, or something equally convoluted. If at all. Instead of using something established, or even better... drop-in config directories. Not everything needs to own (or even touch) the main config file! edit: Don't trust the 'curl the script before piping it' thing, either. I don't have it handy, but there's been demonstrated means to alter the content based on timing, causing the pipe to be a malicious payload |
|
|