[colug-432] bash pipe + read?

Rob Funk rfunk at funknet.net
Mon Nov 16 10:51:57 EST 2015

Rick Hornsby wrote:
> I've written a shell script that's meant to be run similar to how you install
> rvm[1] using curl:
> $ curl http://somehost/myscript.sh | sudo bash -s devel

If you do this, at least make it https rather than http, so that
you're not vulnerable to DNS hijacking.

> Alternatively, I could make the user do
> $ wget http://somehost/myscript.sh; chmod 755 myscript.sh; ./myscript.sh

  $ wget http://somehost/myscript.sh; bash ./myscript.sh

> But that seems far less elegant than curl ... | bash

But at least with that solution the user doesn't assume that you
expect them to run it without reading it.

More information about the colug-432 mailing list