New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
curl pyenv.run | bash #41
Comments
@robnagler Wow thanks :) @yyuu should control that I guess. I wonder if he has seen it already ... |
@robnagler great! I'd like to add reference in READMEs and wiki 😄 I think I don't need to control the domain for now.... Thanks again! |
o.k. but then I would just like to make a public security announcement here that one should always check the script that hides behind that curl call :) |
Even I might be an evil Generally speaking everyone should be careful when executing code fetched from remote.... |
Who judges the judges? :) One thing we can do to give you more control is create, say, pyenv-run.github.io and point pyenv.run to it. |
You should also verify your DNS resolver is right, too. This is probably more serious for most people who are executing code from non TLS connections. |
@yyuu yes that's what I meant :) One should always check the install script before using it. @robnagler I am not judging anyone - that's for sure, and I think the domain is great. I just have this urge to warn people now and then to not just pipe the whole internet into their shell, although it is awfully convenient :D |
Sorry, I was being obscure. My quote was referring to the philosophical question Quis custodiet ipsos custodes?, meaning that there is infinite recursion on validation, and ultimately, you can never know (see Be that as it may, I'll keep running it as it. Let me know if you want changes. :) |
I know that as "who controls the controllers" and it's turtles all the way down anyway :D |
I add bought this domain to simplify the installer line, because I can never remember it :) You can now install with:
This redirects to https://raw.githubusercontent.com/yyuu/pyenv-installer/master/bin/pyenv-installer using curl so you don't need
-L
on curl above.I don't mind supporting this or if you want, I can turn the domain over to whomever you like.
The text was updated successfully, but these errors were encountered: