zlacker

[return to "The browser catches homograph attacks, the terminal doesn't"]
1. Punchy+Hsa[view] [source] 2026-02-06 09:19:51
>>MrBudd+(OP)
If you're copying curl|sh from webpages you're already not paying attention and domain doesn't matter
◧◩
2. llm_ne+gua[view] [source] 2026-02-06 09:35:17
>>Punchy+Hsa
It is literally the method given to install a number of products. The first mechanism given as a fix, of sorts, is to install something via brew.

Brew is installed by copying a command line-

https://brew.sh

I mean, I guess you could retype it, but there is no intention for anyone to do that.

◧◩◪
3. steve1+W1b[view] [source] 2026-02-06 14:00:28
>>llm_ne+gua
I think Homebrew still makes a mess with permissions on multiuser systems (at least on macOS), so it's probably not a good example of best practices.
◧◩◪◨
4. llm_ne+aob[view] [source] 2026-02-06 15:49:20
>>steve1+W1b
I'm not holding it as a best practice, and I don't see how that was interpreted from my comment. I think installation through a copy/pasted script is terrible business.

But it was held as something exceptional, when here in reality a number of extremely widely used products, frameworks and tools provide installation through a curled shell script command.

Another example is CUDA on Linux. Installed via some copy/pasted scripts from a webpage.

[go to top]