HomeSecExplorer
Jeff GeerlingOpenClaw (which was Moltbot, which was ClawdBot, all in the course of a week) is the new `sudo curl | bash`
doragasu
Tom BortelsTruth!
The "oh it's ok to give this access to all my personal accounts because it's running on my local hardware" - even though it most cases it isn't - was an odd flex to be sure.
Tulip Blossom@geerlingguy Sounds like a great idea to run as root on my servers
Sigma@geerlingguy Shouldn't it be
curl | sudo bash? Or maybe sudo su -c "curl | bash"? sudo curl | bash would execute curl as root, but not bash, I think.
Wolf480pl@wolf480pl @sigmasternchen hehe either way.
The Orange Theme@geerlingguy OpenMonkeysPaw (except the monkey's paw always mishears you and is racist and you get exactly what you deserve).
SamuelJohnson@geerlingguy Cute and... true.
Space Invader@geerlingguy I’m going to drink a White Claw and hope this goes away quickly.
Felix DF3LX
Atz@geerlingguy
It's a failing of humanity that "curl | bash" has become so common these days.
It's a failing of humanity that "curl | bash" has become so common these days.
Balu@geerlingguy I am not sure if you did this on purpose and I don't just get it, but you maybe meant `curl | sudo bash`? :-)
@balu sudo oops!
miki@geerlingguy Why do people complain about curl|bash so much? Especially that the same people will often happily launch setup.exe when in front of a Windows computer.
curl|bash is not any less safe than E.G. `go install`, and it doesn't get nearly the same level of hate.
aashvik@geerlingguy guess what? Its database was publicly readable, exposing all involved agents’ API keys (and more) via simple queries… not too surprising, tbh :P
@geerlingguy there is still hope! https://mastodon.online/@larsmb/116017796592641161
Lars Marowsky-Brée 😷 (@[email protected])
Hot take: If we added a "--install" option to #curl, we could optimize many a "| sh -" pipeline away. Finally a truly universal installer.