this post was submitted on 13 Mar 2025
275 points (96.6% liked)

Linux

6450 readers
590 users here now

A community for everything relating to the GNU/Linux operating system

Also check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
275
Am in the only one who cringes at install instructions that require piping some curl output into bash? (programming.dev)
submitted 2 days ago by cschreib@programming.dev to c/linux@programming.dev
150 comments fedilink hide all child comments
 

curl https://some-url/ | sh

I see this all over the place nowadays, even in communities that, I would think, should be security conscious. How is that safe? What's stopping the downloaded script from wiping my home directory? If you use this, how can you feel comfortable?

I understand that we have the same problems with the installed application, even if it was downloaded and installed manually. But I feel the bar for making a mistake in a shell script is much lower than in whatever language the main application is written. Don't we have something better than "sh" for this? Something with less power to do harm?

you are viewing a single comment's thread
view the rest of the comments
[–] Artyom@lemm.ee 40 points 1 day ago (1 children)

What's stopping the downloaded script from wiping my home directory?

What's stopping any Makefile, build script, or executable from running rm -rf ~? The correct answer is "nothing". PPAs are similarly open, things are a little safer if you only use your distro's default package sources, but it's always possible that a program will want to be able to delete something in your home directory, so it always has permission.

Containerized apps are the only way around this, where they get their own home directory.

[–] easily3667@lemmus.org 6 points 17 hours ago* (last edited 17 hours ago) (1 children)

Don't forget your package manager, running someone's installer as root

It's roughly the same state as when windows vista rolled out UAC in 2007 and everything still required admin rights because that's just how everything worked....but unlike Microsoft, Linux distros never did the thing of splitting off installs into admin vs unprivileged user installers.

[–] brian@programming.dev 4 points 12 hours ago

plenty of package managers have.

flatpak doesn't require any admin to install a new app

nixos doesn't run any code at all on your machine for just adding a package assuming it's already been cached. if it hasn't been cached it's run in a sandbox. the cases other package managers use post install configuration scripts for are a different mechanism which possibly has root access depending on what it is.