Hacker News new | past | comments | ask | show | jobs | submit login
Valentine greeting with bash script (terminal) (afshinm.github.com)
17 points by afshinmeh on Feb 12, 2013 | hide | past | favorite | 13 comments



I now have something new to link to whenever someone posts something suggesting that a "pipe curl to shell" command isn't insane!

http://williamedwardscoder.tumblr.com/post/42921614369/omg-r...


That script has:

rm -rf ~

on line 22.

EDIT: Line was added by https://github.com/williame


I can't believe the guy merged that pull request. What was he thinking?


he came back with another pull request to revert the change .. which the closed without merging .. https://github.com/afshinm/valentine_script/pull/3


> bash <(curl http...

Stopped right there.


[deleted]


The point was that it's a really bad idea to encourage people to run random scripts downloaded from the internet.


Sorry, deleted.


williame gave a good lesson! Seriously, you just download a script randomly and execute it without first checking it. And I'd probably understand if it was a heroku script or something but a valentine script seriously?!


asking you to download straight to bash? Crazy!!!

That the 'exploit' is hosted on github, though, makes it interesting:

You can't tell ahead of time what you'll be served, but you can tell what exploit you got served...


Yeah I know what you say but that's why I made a github for that script. BTW, I think downloading bash script and run that is a little bit difficult!


It is always a good time to remember that bash might not always live in /bin/, but +1 for a bash script clearly marked as "bash".


Yes, even though it's trivial to make it POSIX-compatible:

https://github.com/afshinm/valentine_script/pull/1


Merged.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: