Hacker News new | ask | show | jobs
by Blackthorn 4066 days ago
Have you ever run "./configure" on some open source code you downloaded? That's no more safe. In this case, curl | bash is probably more safe because at least it came over HTTPS.
1 comments
discardorama 4066 days ago
> Have you ever run "./configure" on some open source code you downloaded? That's no more safe.

That is if you don't do a

    view ./configure
first and go through it. You do take a look at the configure scripts, don't you?
link
Blackthorn 4066 days ago
What's less readable, a ToS that you have to accept or a GNU autotools configure script?

Example: expat's autoconf script is over twenty two thousand lines long.

link
cos 4066 days ago
You could just as easily do 'curl someurl | less' before you run it, too.
link