Y
Hacker News
new
|
ask
|
show
|
jobs
by
pjmlp
37 days ago
Because even with HTTPS that script might not do what you expect and then is too late, xz style attack.
1 comments
kibwen
37 days ago
You're already installing a binary, the script is not the weak link here.
link
pjmlp
36 days ago
Depends, installing binaries on GNU/Linux usually assumes validated distro repos.
link