The problem isn't pipe, it's the default to blind trust.People will happily audit a PR but won't spend 5 seconds reading a script they're about to run as root.
These are often to install a repository and a package.
The alternative is to run something like rpm -i from_url.rpm to install some package directly. Which is not exactly any different from security perspective.
There is no easy way around this when the software is not in a system repo or without attestation in some way.
The problem isn't pipe, it's the default to blind trust.People will happily audit a PR but won't spend 5 seconds reading a script they're about to run as root.
It's not trust. There are plenty of major projects that only have or strongly prefer curl | bash. Trusting a vendor is fine.
These are often to install a repository and a package.
The alternative is to run something like rpm -i from_url.rpm to install some package directly. Which is not exactly any different from security perspective.
There is no easy way around this when the software is not in a system repo or without attestation in some way.
This may be considered as critical of Rust, so will be flagged and closed in due course.
made my day :D
Can you please stop trying to control what people do on their computers?
Nobody is forcing anyone to execute the script and usually the script is fully auditable.
100% Agree.
If I were an attacker, this is the easiest way to gain root access, leak env variables and install ransomware on the machine.
Accepting this as the standard way to install software just for convenience over security is just pure ignorance until a massive breach happens.
This even before mentioning flawed standards such as INSTALL.md [0] for agents to curl | sudo bash unattended from a .md file.
[0] https://www.mintlify.com/blog/install-md-standard-for-llm-ex...
Not only will we keep doing this, we'll have AI agents do it unsupervised.
[dead]