[OoooooooO]

sudo run "some link to a shell script"

Never understood why that became so common place ...

[cbarrick]

It's not really different than downloading a .msi or .exe installer on Windows and running it. Or downloading a .pkg installer on macOS and running it (or running a program supplied in a .dmg). Or downloading a .deb or .rpm on Linux and running it.

It's all whether or not you trust the entity supplying the installer, be it your package manager or a third party.

At least with shell scripts, you have the opportunity to read it first if you want to.

[LoganDark]

It is different: you give it sudo immediately so it doesn't have to ask.

Of course, many installers ask for administrator access anyway...

[cbarrick]

I don't think it's functionally different if you write sudo on the command line or if the installer uses sudo in the script.

As you said, most installers need to place binaries in privileged locations anyway.

[SAI_Peregrinus]

Stick the script in a. deb & tell 'em to use dpkg, much less suspicious.

[BobBagwill]

Because everyone uses airgapped disposable micro VM's for everything, right? No one would be stupid or lazy enough to run them on their development laptop or production server, right? Right!?!

Maybe the good side-effect of LLM's will be to standardize better hygiene and put a nail in the coffin of using full-fat kitchen sink OS images for everything.

[TeMPOraL]

No, of course every reasonable developer works with a bag full of disposable e-vapes, each one used to run a single command on and then thrown into a portable furnace.

[crotobloste]

But people check shell scripts before running them... right?

[u8080]

As well as .debs and other

[LoveMortuus]

I don't... I just tell myself that if anything bad happens I can always just format the computer and start anew.