this post was submitted on 30 Apr 2026
48 points (96.2% liked)
Linux
5338 readers
1 users here now
Shit, just linux.
Use this community for anything related to linux for now, if it gets too huge maybe there will be some sort of meme/gaming/shitpost spinoff. Currently though… go nuts
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I wish the worst case of gout on people who do this. I can't believe it's become such an accepted way of installing software.
I have a vague memory of some project that did this ages ago where you could see the script on their web page but when you ran the command it executed a different script (there was a single-character difference in the URL) and the result was it told you not to be so dumb as to run scripts like that.
It was idontplaydarts.com (search it up on Internet Archive). It could detect if you were downloading it directly, or piping it to bash, abd change the script it was delivering accordingly.
It is still the recommended way to install Rust.... M)
But what is bonkers is that pip install can run arbitrary code. The python packaging system is likely to be the next target of such attackers.