If your going to execute the code anyway, you either have to inspect everything ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

limagnolia 10 months ago | parent | context | favorite | on: I'm switching to Python and actually liking it

If your going to execute the code anyway, you either have to inspect everything or trust whoever is providing it. There is nothing special about bash that makes it more dangerous to execute than python.

flyinghamster 10 months ago [–]

My issue is with $URL potentially getting hijacked, or even something like the kerfluffle over the PuTTY SSH client not residing at putty.org.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact