| ▲ | zx8080 5 days ago | |||||||
Every time I see `curl ..| sh` I feel bad. It shouldn't be a norm to run a downloaded script in shell. | ||||||||
| ▲ | zekica 5 days ago | parent [-] | |||||||
And especially not run the script while it's downloading. The remote server can detect timing difference (let's say the script has "sleep 30" and the buffer fills) and send a different response (really easy if using chunked encoding or HTTP2 data frames). | ||||||||
| ||||||||