[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sysadmin in training



On 5/12/23 10:16, Jeremy Stanley wrote:
On 2023-05-12 09:53:15 -0700 (-0700), Jeffrey Chimene wrote:
[...]
Agreed. Actually, ossec itself has a debian package, so no ITP for
me :). It made my work significantly easier since the regex
package (pcre2) isn't part of the distro; the absence has a
reason, but it's still an impediment that ossec itself has
addressed with their .deb
I'm not sure that official Debian documentation, particularly
security-focused documentation, should recommend that sysadmins
install packages from third party archives. That'll be up to the
maintainers of the documentation to decide, of course.
Agreed.

But beyond that...
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash
[...]

There's a bit of irony in suggesting that security-conscious
sysadmins should download and run arbitrary scripts, much less with
root privileges. `curl|sudo bash` has virtually become a meme unto
itself these days.

Thank you for your concern. I certainly look at the script before execution. I think that suitable precautions can be written. I'm installing on several systems, so I like to have such command as a record. The example command comes from my notebook.


Thanks for your time!


Cheers,
jec



Reply to: