Re: Phix Linux 64 downloads
- Posted by monsieurb Oct 08, 2018
- 1667 views
Please do not ever do this.
OK, but why not? We're missing a few things in any case (checksums, a secure connection).
If I manually copy the commands and run them, I'm still trusting the payload is safe and that nothing malicious lurks in the executables. Also, when I see a tool that recommends installing the latest and greatest via a curl -sSL http://some.resource | bash type of approach, I remain fully at liberty to inspect that script first of all.
Having used Phix a few times, I now trust it and its author. If through no fault of Pete his site is compromised, well, the weak point in the chain is not necessarily the bash script itself.
But, I always doubted it would be helpful (why not just paste the above into a script file?)
In a word, convenience. If phix.x10.mx/latest.sh always 'pointed' to the latest version, my provisioning script can use that and it doesn't need to have a hard-coded version number.
With all this said, if there are grave concerns and I'm anyway the only one so far seeking this, I don't mind sticking to the existing approach one bit 
