On Sat, 2016-05-21 at 16:43 +0200, Adam Borowski wrote: > Yay curl|bash. I'd say recommending such a command as their > installation > method means their view on security is so bad that no one should > touch them > with a $LENGTH pole.
At least as safe as a package, both are taking executable content from a source you don't implicitly trust and running it as root. (The install video shows a normal user but it assumes that user can run sudo. Look at the source.) Now if it were a http url there would at least be an argument about Man in the Middle threat, but it is an https. All they are doing is making a single cut/paste job to install instead of a list of command most newbs will screw up and then flood the forums about.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
