alt Hacker NewsIt is if the script is written badly, gets truncated while it's being downloaded, and fails to account for this possibility.
Look into tailscale's installation script, they wrapped everything into a function which is called in the last line — you either download and execute every line, or it does nothing.
Replies
Analemma_ • yesterday at 8:49 PM
This "what if it gets truncated in the middle of the download, and the half-run script does something really bad" objection gets brought up every time "curl | bash" is mentioned, and it always feels like "what if a cosmic ray flips a bit in your memory which makes the kernel erase your hard drive". Like, yes, it could happen in the same way getting killed by a falling asteroid could happen, but I'm not losing sleep over it.
Serious question, why or how would a script get truncated when transferred over https?