kravietz πŸ¦‡
Follow

Yet another less why installation by "download and run a bash script" isn't a very good idea

discuss.hashicorp.com/t/hcsec-

Β· Β· 1 Β· 0 Β· 3
Rook  

@kravietz This also apply to standard package managers?

When you gotta get things done, sometimes you just gotta trust! (kinda serious, kinda not)

1
kravietz πŸ¦‡  

@InternetRooky

RPM and Debian packages are signed - not individually, but by the distro - but this already provides some level of assurance. Of course this comes with an overhead, which is why e.g. python3-xxx packages in Ubuntu/Debian are usually older than those in PyPi, but security fixes are usually pushed by their maintainers.

0
Sign in to participate in the conversation
Mastodon πŸ” privacytools.io

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Website: privacytools.io
Matrix Chat: chat.privacytools.io
Support us on OpenCollective, many contributions are tax deductible!

Resources

Developers

What is Mastodon?

social.privacytools.io

More…