

Valentine greeting with bash script (terminal) - afshinmeh
http://afshinm.github.com/valentine_script/

======
bensummers
I now have something new to link to whenever someone posts something
suggesting that a "pipe curl to shell" command isn't insane!

[http://williamedwardscoder.tumblr.com/post/42921614369/omg-r...](http://williamedwardscoder.tumblr.com/post/42921614369/omg-
rm-rf-in-a-valentine-bash-script-and-its-partly)

------
phaemon
That script has:

rm -rf ~

on line 22.

EDIT: Line was added by <https://github.com/williame>

~~~
lewispollard
I can't believe the guy merged that pull request. What was he thinking?

~~~
krthkv
he came back with another pull request to revert the change .. which the
closed without merging .. <https://github.com/afshinm/valentine_script/pull/3>

------
lamby
> bash <(curl http...

Stopped right there.

------
willvarfar
asking you to download straight to bash? Crazy!!!

That the 'exploit' is hosted on github, though, makes it interesting:

You can't tell ahead of time what you'll be served, but you can tell what
exploit you got served...

~~~
afshinmeh
Yeah I know what you say but that's why I made a github for that script. BTW,
I think downloading bash script and run that is a little bit difficult!

------
kvprashant
williame gave a good lesson! Seriously, you just download a script randomly
and execute it without first checking it. And I'd probably understand if it
was a heroku script or something but a valentine script seriously?!

------
olgeni
It is always a good time to remember that bash might not always live in /bin/,
but +1 for a bash script clearly marked as "bash".

~~~
lamby
Yes, even though it's trivial to make it POSIX-compatible:

<https://github.com/afshinm/valentine_script/pull/1>

~~~
afshinmeh
Merged.

