A valentines day bash script (no, really) turned up being promoted on Hacker News. The instructions to run it were:
bash <(curl http...
This downloads a script from the internet and runs it straight away. The user doesn’t get to inspect the script and ensure it does what they suppose it to do.
No, really. Not at all a good idea to encourage people to execute anything they blindly download from the Internet. Its beyond stupid.
I’m one of several people saying so on Hacker News.
And in a fit of silliness I go fork it and add
rm -rf ~
and put in a pull-request entitled “its a really bad idea to execute scripts you blindly download from the internet”.
And it got merged. Gobsmacked. Was not expecting that. Was not wanting that at all.
17 or so minutes later, that line got removed. So for those 17 minutes, anyone using the script as instructed would have deleted their entire home folder.
I think I was the muppet they got to pull the trigger of the gun they pointed. I think it was all a big joke that just got decidedly non-funny. Lesson learned.
UPDATE 2013-02-13 well its been over a day now and the valentines page still encourages people to blindly download and execute scripts from the Internet despite all the talking at the owner. Perhaps the owner is planning his own little prank? Sad.
- dantengba reblogged this from williamedwardscoder
- derpyholek reblogged this from williamedwardscoder
- braindead reblogged this from williamedwardscoder and added:
- igorshubovych reblogged this from williamedwardscoder
- bendiken likes this
- weirderacont likes this
- liroxiv reblogged this from williamedwardscoder and added:
- gilberterik likes this
- r4vi reblogged this from williamedwardscoder
- duvaluated likes this
- pete23com reblogged this from williamedwardscoder and added:
- gfader likes this
- oppen likes this
- drinkthesunlight said: Haha. Evil with good intention, we need not gun control, but foolishness control.
- williamedwardscoder posted this
↓ click the "share" button below!