existential type crisis : Don't Pipe to your Shell

Thu 31 October 2013 in: programming

Piping wget or curl to bash or sh is stupid. Like this:

    wget -O - http://example.com/install.sh | sudo sh

It's everywhere. Sometimes they tell you to ignore certificates as well (looking at you, Salt). That's dumb.

The main reason I think it's dumb (other than running arbitrary commands on your machine that could change based on user agent to trick you) is its failure mode. What happens if the connection closes mid stream? Let's find out.

    ( echo -n "echo \"Hello\"" ; cat ) | nc -l -p 5555

This will send a command to whoever connects, but won't send the newline. Then, it'll hang. Let's connect the client:

    nc localhost 5555 | sh

At first, nothing happens. Great. What will happen if we kill -9 the listening netcat? Will sh execute the partial command in its buffer? Yes.

    nc localhost 5555...
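The failure mode described above, reproduced offline without netcat, next to a download-verify-execute pattern that avoids it. This is an added example, not code from the original post; the sample script, the function names `run_truncated` and `run_verified`, and the locally computed SHA-256 digest are constructed for illustration, and `sha256sum`, `head -c` and `mktemp` are assumed to be available.

```shell
#!/bin/sh
# Constructed sample installer (not from the original post). It only echoes,
# so running any prefix of it is harmless.
SCRIPT='echo cleanup /tmp/demo-app/cache
echo done
'

# Digest of the complete script. Assumption: in practice the publisher
# provides this value out of band; here it is derived from the sample.
EXPECTED=$(printf '%s' "$SCRIPT" | sha256sum | cut -d' ' -f1)

# Simulate "curl ... | sh" where the connection drops after $1 bytes:
# sh hits EOF mid-line and executes whatever is in its buffer.
run_truncated() {
    printf '%s' "$SCRIPT" | head -c "$1" | sh 2>&1
}

# Safer pattern: save the download, verify it is complete and unmodified,
# and only then execute it. $1 = number of bytes "received".
run_verified() {
    tmp=$(mktemp) || return 1
    printf '%s' "$SCRIPT" | head -c "$1" > "$tmp"
    actual=$(sha256sum < "$tmp" | cut -d' ' -f1)
    rc=0
    if [ "$actual" = "$EXPECTED" ]; then
        sh "$tmp" || rc=$?
    else
        echo "refusing to run: digest mismatch (truncated or altered)" >&2
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

run_truncated 17                    # prints "cleanup /tmp"
run_verified 17 || echo "blocked"   # truncated download is rejected
run_verified 1000                   # complete download runs normally
```

Cutting the stream at byte 17 turns a command aimed at `/tmp/demo-app/cache` into one aimed at `/tmp`, which is why a piped installer can do something its author never wrote.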

Linked on 2014-04-30 01:00:15