crepererum

@marcan I think for the OS bootstrap use case, curl|sh is totally fine. For installing apps though I think it's not only about trust but about scope: a script can do anything (including having a bug that deletes your entire disk), while most package installers will (more or less sanely) just place some files. Flatpak&co will even scope the file placement to a container. Now sure the installed app/tool can still have bugs, but I think limiting the scope of possible operations is always good.

4 comments
Jo Shields

@crepererum @marcan hum? Both rpm and deb packages can run arbitrary scripts as root on install without extra user intervention. Installing a package is giving root on your system to the package uploader.

crepererum

@directhex @marcan yes, but these are extras and not used by the majority of packages. For most packages it's just placing files. And even the scripts that do run are more limited in scope than a shell script that tries to do everything.

Jo Shields

@crepererum @marcan are you verifying this statement, or merely assuming? I was a Debian Developer for 14 years. Just because a deb *can* contain nothing but files, doesn't in any way prevent a maintainer from doing whatever they like in postinst.

crepererum

@directhex @marcan DO the majority of the packages use postinst or COULD they use it?
