@notjustbikes I think you need a prescription strength dose of don't read the comments
Notices by Drew DeVault (drewdevault@fosstodon.org)
-
Drew DeVault (drewdevault@fosstodon.org)'s status on Tuesday, 26-Dec-2023 07:18:00 UTC Drew DeVault -
Drew DeVault (drewdevault@fosstodon.org)'s status on Wednesday, 01-Nov-2023 14:31:38 UTC Drew DeVault @marcan
#/bin/sh
rm -r ~/.config/myappIf the connection is interrupted after ~/.config is sent, you're in trouble.
-
Drew DeVault (drewdevault@fosstodon.org)'s status on Wednesday, 01-Nov-2023 14:31:22 UTC Drew DeVault @marcan okay, thanks for elaborating on the rationale here.
I think long-term moving towards a GUI app would be the best move, with a separate page on specific recommendations for recoveryOS.
-
Drew DeVault (drewdevault@fosstodon.org)'s status on Wednesday, 01-Nov-2023 14:31:16 UTC Drew DeVault @marcan
TLS provides privacy but not integrity. In case of a server-side exploitation, or simply memory corruption for any other reason ECC failures are not nearly as uncommon as anyone would like to believe!), TLS provides nothing.In general this practice to installing software with curl | sh is a huge side-step around all of the security and trust that comes built-in to the system package manager, and tends to litter your system with stuff the package manager doesn't know about -- [cotd]
-
Drew DeVault (drewdevault@fosstodon.org)'s status on Wednesday, 01-Nov-2023 14:31:15 UTC Drew DeVault @marcan -- how do you uninstall something installed like this?
I know that your use-case is a bit different, though I think you might lean on that difference too heavily to justify this approach. But there is a good reason we train users NOT to do this when they see it and argue against anyone who proliferates and normalizes it.
t. former author of curl | sh installers