I don't see what the issue is, my agent is already running as root.
replyYeah it has all the government logins and full gmail access. It will be too busy to bother rooting the local machine!
replyShouldn't be a problem, we're currently clean on OpSec.
replyGood thing we haven't normalized installing things with curl | sh
replyYeah, that's great!
replyImagine we would download random code from the internet and just execute it, like with NPM, PIP, Maven, Cargo etc.
cargo/uv/go have lock files though
replywith curl | sh you could use a checksum you download with curl!
replyI don’t think that matters as it’s usually curl | sudo sh
replyOr npm being allowed to run arbitrary post install scripts
replyI literally ship an installer that runs with curl | bash... reading this thread while patching my servers is a fun experience lol
reply[dead]
reply