-
@ Jens Finkhäuser
2025-02-19 08:38:34
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqq5aex5tu4klzdek95t3ajmsnus6p7qc2euw4w0tere8zfecse7wskdtddn nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqngmy0tkem050emuld2lh6d9rlxsct6mp8l8esmqfjrew22z5ku5sysk9w3 Because you can't verify what's been downloaded before it goes to the shell. A server could detect curl and send something else than e.g. downloading the same thing in the browser.
It's not the shell part that's dangerous, it's the pipe.