logoalt Hacker News

blourvimyesterday at 10:15 PM0 repliesview on HN

The web server is able to detect and change the response of a curl | sh thus a malicious actor could avoid some detection.

Having a binary also allows for antivirus software to be ran on it before deciding to run the binary itself or not.

I am not sure if curl | sh bypass sandboxing by default, but definitely is the case when compared to flatpak or just regular packaging