If you're running it in production then that's a problem. But I'd dare say that ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		new299 on Nov 3, 2014 \| parent \| context \| favorite \| on: curl \| sh If you're running it in production then that's a problem. But I'd dare say that relying on an external "apt-get install xxx" is pretty bad practice in production (to deploy new machines).

zimbatm on Nov 3, 2014 [–]

I agree but most companies I know don't have the infrastructure or best-practices in place to avoid it. Copy-pasting the curl|sh is very low effort and will predictably end up in deploy code (if you have any).

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact