-
Notifications
You must be signed in to change notification settings - Fork 13.6k
Closed
Labels
E-easyCall for participation: Easy difficulty. Experience needed to fix: Not much. Good first issue.Call for participation: Easy difficulty. Experience needed to fix: Not much. Good first issue.
Description
Someone on hacker news pointed out that bad things could potentially happen if the running of curl https://static.rust-lang.org/rust.sh | sh
gets truncated on a bad line. We should audit the code to make sure that can't happen. Maybe we could write the actual rustup.sh and verify it with a checksum before we execute it?
Metadata
Metadata
Assignees
Labels
E-easyCall for participation: Easy difficulty. Experience needed to fix: Not much. Good first issue.Call for participation: Easy difficulty. Experience needed to fix: Not much. Good first issue.
Type
Projects
Milestone
Relationships
Development
Select code repository
Activity
huonw commentedon Nov 21, 2014
This would theoretically be resolved by putting the whole script into a function that then gets executed at the very end, so nothing happens until that is reached, e.g.
(Tagging as E-easy due to this, I believe the file is available in
src/etc
.)auto merge of #19170 : erickt/rust/rustup, r=erickt