Sad to see #rust developers defending the practice of piping CURL into SUDO BASH. Convenience shouldn't trump safety or security.
@postmodern_mod3 Inconvenience can often result in unexpectedly worse security when people automate the inconvenient thing.
@wycats care to provide an example?
@wycats and are you seriously defending piping an untrusted script through SUDO BASH.
@postmodern_mod3 I'm not defending anything. Just saying that making things more manual rarely has the desired effect.
@wycats so when will the `curl -s https://static.rust-lang.org/rustup.sh | sudo sh` be removed? Rust already has nightly binaries.
@postmodern_mod3 What is your suggestion for a solution that will not be automated to execute arbitrary code.
@wycats a) split curl | sudo command in two b) link to the script, let user view/download/etc c) just recommend they install the binaries.
@postmodern_mod3 Downloading a nightly binary and clicking next/next/next is also executing untrusted code with sudo. What is the diff?
@wycats it requires more user interaction. You should be signing your binaries anyways!
@postmodern_mod3 if the server is hacked, which is the vuln vector, the attacker can just upload a new binary with their own sig or no sig
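The "split the curl | sudo command in two" option discussed above, as an added example that is not part of the thread and is not the Rust project's installer. It downloads the script to a file, compares it against a digest, and only then hands it to the shell (optionally through sudo). The URL and the digest are hypothetical placeholders; the point the thread reaches still applies: the digest has to be pinned from somewhere other than the download server (copied from documentation, a signed release note, a second channel), because a checksum served beside the script from a compromised server proves nothing.

```shell
#!/bin/sh
# Added example, not code from the thread or from the Rust project: the
# "split curl | sudo sh into two steps" approach with a digest check between
# download and execution. INSTALLER_URL is a hypothetical placeholder.
# The pinned digest must come from out of band; a checksum served beside the
# script by the same (possibly compromised) server is no protection.

INSTALLER_URL="https://example.invalid/install.sh"   # hypothetical

sha256_of() {
    # Print the SHA-256 hex digest of file $1 (coreutils on Linux, shasum on macOS/BSD).
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

fetch_installer() {
    # Step 1: download URL $1 to file $2 so it can be read first, never straight into a shell.
    # -f makes curl fail on HTTP errors so an error page is never later executed as a script.
    curl -fsSL "$1" -o "$2"
}

verify_installer() {
    # Step 2: compare the downloaded bytes in $1 against the pinned digest $2.
    [ "$(sha256_of "$1")" = "$2" ]
}

run_installer() {
    # Step 3: execute only after verification. $3 is an optional privilege wrapper such as sudo.
    # Usage: run_installer FILE PINNED_SHA256 [sudo]
    if ! verify_installer "$1" "$2"; then
        echo "refusing to execute $1: digest does not match pinned value" >&2
        return 1
    fi
    ${3:-} sh "$1"
}

demo_offline() {
    # Constructed, offline stand-in for the download: a trivial installer that writes a marker file.
    # Returns 0 only if the genuine script ran and a swapped-in script was refused.
    tmp=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho installed > "%s/marker"\n' "$tmp" > "$tmp/install.sh"
    pinned=$(sha256_of "$tmp/install.sh")   # in real use this value is copied from out of band
    run_installer "$tmp/install.sh" "$pinned" || return 1
    [ "$(cat "$tmp/marker")" = "installed" ] || return 1
    # Simulate a compromised server replacing the script after the digest was pinned.
    printf '#!/bin/sh\necho owned > "%s/marker"\n' "$tmp" > "$tmp/install.sh"
    if run_installer "$tmp/install.sh" "$pinned" 2>/dev/null; then return 1; fi
    [ "$(cat "$tmp/marker")" = "installed" ] || return 1
    rm -rf "$tmp"
    return 0
}
```

In real use the sequence is `fetch_installer "$INSTALLER_URL" install.sh`, read install.sh, then `run_installer install.sh <pinned digest> sudo`. The check only moves the trust question, it does not remove it: whoever controls the channel the digest is copied from can still substitute a script, which is why the thread ends on signing and on where the signature itself comes from.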