zlacker
[return to "Detecting the use of "curl | bash" server-side"]
◧
1. cjbpri+e2
[view]
[source]
2018-07-29 02:26:42
>>rubyn0+(OP)
Neat! But it's not obviously a bad idea. You have a TLS connection with the site you're downloading from. `curl | bash` is no worse than downloading a .dmg or .deb from the same server would be.
◧◩
2. blub+Xd
[view]
[source]
2018-07-29 06:55:43
>>cjbpri+e2
Downloading a .dmg is not running any code, which makes it 100% better at preventing malware installation than curl | bash.
[go to top]