RE: HELIX and potato
Yes, exactly. The point is that it's not a good idea to blindly run a
script as root - who knows what it could do? Not suggesting that the
helixcode people are going to deliberately screw your system up, but it
could be intercepted or cracked somehow. Look at 'horrifying suggestion'
from last week, I think there's a description of what the script does in
there as well.
Has anyone talked to the helix people about this, why are they advocating
such a thing when Debian has such a good packaging system?
tim
> -----Original Message-----
> From: Johann Spies [SMTP:jhspies@adept.co.za]
> Sent: Tuesday, November 07, 2000 3:23 AM
> To: Debian
> Subject: Re: HELIX and potato
>
> On Mon, Nov 06, 2000 at 09:19:40PM -0900, Ethan Benson wrote:
> > On Mon, Nov 06, 2000 at 11:47:56AM -0800, Rob Hudson wrote:
> > > lynx -source http://go-gnome.org | sh
> >
> > we have been through this before, don't EVER run anything like that.
> >
> Excuse my ignorance, but after reading lynx's man page, I still do not
> understand what is actually happening in a command like this or let me
> put it this way: I do not understand how it can help to install
> helix-gnome or why it has to be run as root. As I understand it
> lynx is passing the html-source from go-gnome.org to bash. Why would
> one like to do it and why is it a security risk? Is it because it is
> run as root?
>
> Johann.
> --
> J.H. Spies - Tel. 082 782 0336 / 023 55 11 568
> "Jesus said unto her, I am the resurrection, and
> the life; he that believeth in me, though he were
> dead, yet shall he live." John 11:25
Reply to: