

Why curl | sudo bash is a good thing - josegonzalez
https://gist.github.com/btm/6700524

======
smacktoward
_> This is obviously a shell script, if you're really concerned about the
argument that it may contain nefarious activities within, you can easily
review it before you run it._

Assuming that you're sufficiently competent to understand what you're reading,
of course -- and smart enough at shell scripting to be able to recognize all
the little wrinkles that a malicious scripter could use to make bad code look
safe.

Oh, and that the shell script isn't just downloading a binary blob, either,
since if it does that you'd have no way to know what's in that blob. Of
course, you ran the shell script as root, so if it _does_ download a binary
blob that blob could modify just about anything it wants to.

 _> What about dependencies? Does your platform have all the required
dependencies? Are they new enough (no, unless you're on the most recent
version). So now you also need to add a repository for all of these platforms
to get updated dependencies. All of these are going to need to be backported
and maintained for multiple versions by someone._

But that work is _already being done_ , at least for most popular Linux
distributions. The repositories already exist, people are already packaging
software for them, other people are handling backports and maintenance. All
that infrastructure has been built. So saying "someone's going to have to
build a lot of infrastructure!" isn't a very compelling argument.

