On Sun, Apr 12, 2020 at 12:25:16PM -0400, Celejar wrote: [...]
> Exactly. So if I trust the Sandstorm community (for example - I know > nothing about them), then I'm not sure that there's any particularly > great risk in installing their product via "curl | bash", and if I > don't trust them, I shouldn't install their product via any other > mechanism either. That's it. OTOH, for me (YMMV), trust depends on how I perceive their efforts to set up a (to me, again) meaningful security infrastructure. Cheers -- t
signature.asc
Description: Digital signature
