If you trust the author of tool you are installing and the installer is by the s... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jjnoakes on July 6, 2023 \| parent \| context \| favorite \| on: Joplin – An open-source note taking and to-do appl... If you trust the author of tool you are installing and the installer is by the same author, then why wouldn't you trust the installer too? > It's 100% trivial to have it run rm or shred on all files you have access to while simultaneously printing correct looking install progress messages. The same is true of the tool itself, too.

duckmysick on July 6, 2023 [–]

Yes, hence the trend of moving to sandboxed apps with limited access to your files (and other capabilities).

jjnoakes on July 7, 2023 | [–]

The install method itself is not unsafe when compared to most other install methods. It gets a bad rap for no reason.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact