[mynewaccount00]

> Security is imperative

> Install with sudo curl bash

[hacker_homie]

This is kinda funny, but what is a better alternative for new projects on Linux?

[arccy]

it's a rust project which tries to claim the ability to build static binaries, you should be able to just download the server binary.

[natrys]

Yes it seems the binaries are here: https://ferron.sh/download

I will say that though, it's probably not rational to be okay with blindly running some opaque binary from a website, but then flip out when it comes to running an install script from the same people and domain behind the same software. At least from security PoV I don't see how there should be any difference, but it's true that install scripts can be opinionated and litter your system by putting files in unwanted places so nevertheless there are strong arguments outside of security.

[gregoriol]

Why not the usual package repositories and distribution by the official ones?

[jraph]

That's a slow process and you need someone to do the packaging, either yourself or a volunteer, and this for each distro. Which is not trivial to master and requires time. The "new" qualifier in the parent comment is key here.

Open build service [1] / openSUSE Build Service [2] might help a bit there though, providing a tool to automate packaging for different distributions.

[1] https://openbuildservice.org/

[2] https://build.opensuse.org/

[PufPufPuf]

Most Linux distributions won't package an unknown project. Chicken and egg problem. You could create your own PPA but that is basically the same as sudo curl bash in terms of security.

[jagged-chisel]

How’s that worse than downloading a random installer?

[theandrewbailey]

It's the Linux equivalent of downloading and running random binaries in Windows.

[voidUpdate]

*running as administrator

[magackame]

Gonna steal all your files, passwords and crypto as a regular user anyway?

[tonyhart7]

lmao