thewebguyd 2 days ago

Use your distro's package manager and repos first and foremost. Flatpak is also a viable alternative to distribution, and if enabled, comes along with some level of sandboxing at least.

"Back in the day" we cloned the source code and compiled it ourselves instead of distributing binaries & install scripts.

But yeah, the problem around curl | bash isn't the delivery method itself, it's the unsafe user behavior that generally comes along with it. It's the *nix equivalent of downloading an untrusted .exe from the net and running it, and there's no technical solution for educating users to be safe.

Safer behavior IMO would be to continue to encourage the use of immutable distros (Fedora Silverblue and others). RO /, user apps (mostly) sandboxed, and if you do need to run anything untrusted, it happens inside a distrobox container.

BHSPitMonkey 2 days ago

I've installed untold thousands of .deb packages in my lifetime - often "officially" packaged by Debian or Ubuntu, but in many cases also from a software vendor's own apt repository.

Almost every one contains preinst or postinst scripts that are run as root, and yet I can count on zero hands the number of times I've opened one up first to see what it was actually doing.

At least a curlbash that doesn't prompt me for my password is running as an unprivileged user! /shrug
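An added example, not code from anyone in this thread: a stdlib-only Python check that lists the maintainer scripts (preinst/postinst/prerm/postrm) a .deb would run as root, by parsing the `ar` container and its control tarball directly. The sample package it builds is constructed for the demo; on a Debian system `dpkg-deb -e pkg.deb dir` does the same extraction.

```python
import io
import tarfile

MAINTAINER_SCRIPTS = {"preinst", "postinst", "prerm", "postrm"}  # dpkg runs these as root
AR_MAGIC = b"!<arch>\n"

def ar_members(blob: bytes):
    """Yield (name, data) for each member of a classic ar archive (the .deb container)."""
    if not blob.startswith(AR_MAGIC):
        raise ValueError("not an ar archive, so not a .deb")
    pos = len(AR_MAGIC)
    while pos + 60 <= len(blob):
        hdr = blob[pos:pos + 60]            # fixed 60-byte member header
        name = hdr[0:16].decode("ascii").rstrip(" /")
        size = int(hdr[48:58])              # size field is decimal ASCII
        data = blob[pos + 60:pos + 60 + size]
        if len(data) != size:
            raise ValueError("truncated ar member")
        yield name, data
        pos += 60 + size + (size % 2)       # members are padded to even offsets

def maintainer_scripts(deb: bytes) -> dict:
    """Return {script_name: script_text} for the root-run scripts in a .deb."""
    found = {}
    for name, data in ar_members(deb):
        if not name.startswith("control.tar"):   # control.tar.gz / .xz / .zst
            continue
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tf:
            for m in tf.getmembers():
                base = m.name.lstrip("./")
                if m.isfile() and base in MAINTAINER_SCRIPTS:
                    found[base] = tf.extractfile(m).read().decode("utf-8", "replace")
    return found

def _ar_member(name: str, data: bytes) -> bytes:
    """Encode one ar member: 16 name, 12 mtime, 6 uid, 6 gid, 8 mode, 10 size, 2 magic."""
    hdr = f"{name:<16}{0:<12}{0:<6}{0:<6}{100644:<8}{len(data):<10}`\n".encode()
    return hdr + data + (b"\n" if len(data) % 2 else b"")

def build_sample_deb(postinst: str) -> bytes:
    """Constructed sample .deb (not a real package) with a control file and one postinst."""
    ctrl = io.BytesIO()
    with tarfile.open(fileobj=ctrl, mode="w:gz") as tf:
        for fname, text in (("control", "Package: demo\nVersion: 1\n"), ("postinst", postinst)):
            ti = tarfile.TarInfo("./" + fname)
            ti.size, ti.mode = len(text.encode()), 0o755
            tf.addfile(ti, io.BytesIO(text.encode()))
    return (AR_MAGIC + _ar_member("debian-binary", b"2.0\n")
            + _ar_member("control.tar.gz", ctrl.getvalue())
            + _ar_member("data.tar.gz", b""))   # payload omitted; never parsed here
```

Point `maintainer_scripts` at the bytes of a downloaded .deb and read what comes back before running `apt install` on it.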

sim7c00 2 days ago

A lot of useful packages are not in package managers, or are in old versions that lack features you need, so it's quite common to need to get around that...

SkiFire13 a day ago

Getting every piece of software into every distro is not feasible, it's an NxM problem. Sometimes this encourages the use of third-party repositories, which I would argue is even less safe because it requires root access.

Flatpak is a nice suggestion but unfortunately it doesn't seem to work nicely for CLIs.

> "Back in the day" we cloned the source code and compiled it ourselves instead of distributing binaries & install scripts.

Isn't that the same thing with the extra step of downloading a git repo?

papichulo2023 2 days ago

Funny enough, clone and compile is easier now than ever before. You can ask an LLM to create a Docker container to compile any random program, and most of the time it will be okay.

hsbauauvhabzb 2 days ago

R/O root means a binary will fail to install, but won't stop my homedir being backdoored, in addition to the huge waste of time that attempting an RO root would be.