As much as I agree, I think we’re past the point of preventing normalization.
Comment on [deleted]
atzanteol@sh.itjust.works 3 months ago
Please do not normalize running scripts directly from websites.
BlueBockser@programming.dev 3 months ago
Fuzzypyro@lemmy.world 3 months ago
Agreed. Just point them to the repository. Cloning the repo and running the script is the barrier to entry here. If they can’t do that then reading it would do them no good.
joegarciar3a3294@lemmy.world 3 months ago
atzanteol@sh.itjust.works 3 months ago
No - you shouldn’t be putting
bash $(curl …)into a post and telling people to run it at all. It’s bad and shouldn’t be normalized in any way. Take. It. Down.Fiery@lemmy.dbzer0.com 3 months ago
Especially dangerous because the script can change. So this stays up, gets indexed and put in the search results for people looking to do this… And then poof suddenly the script is an info stealer.
Might not even be the original poster doing this, maybe their account gets hacked and the link gets every so slightly edited.
Just bad practice.
Though I must admit I do use proxmox helper scripts… But at least that’s a somewhat trusted repo.
MysteriousSophon21@lemmy.world 3 months ago
100% this - at the very least do a
curl URL | lessto inspect the script before piping it to bash, or better yet download it, review it thoroghly, then run it locally.