I understand that it’s better to have less dependencies. And I understand that a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rmetzler on Sept 10, 2020 \| parent \| context \| favorite \| on: WireHole: Set up Pihole, WireGuard, and Unbound in... I understand that it’s better to have less dependencies. And I understand that a pipe to bash thing can do more than a naive user would think. But the header of get.docker.com doesn’t pipe directly to bash anymore. You can inspect the downloaded shell script or compare hashes.

byteknight on Sept 10, 2020 [–]

The problem is where do we automate the pulling of the hash to verify against? I do not know of a source.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact