|
|
|
|
|
|
by chc
4229 days ago
|
|
|
The point is that if you're paranoid, you won't pipe curl into sh just like you won't blindly trust an unauthenticated hash. There is nothing stopping you from putting more effort into installing this software just like there's nothing stopping you from putting more effort into installing an apt package of questionable provenance. |
|
|