Comment by alright2565
2 days ago
If you can't understand that command before pasting it in your terminal, then you probably shouldn't be editing the Arch Linux wiki.
2 days ago
If you can't understand that command before pasting it in your terminal, then you probably shouldn't be editing the Arch Linux wiki.
My issue with this style of verification is more that it normalises running commands right in the terminal. Commands that come from place you kind of trust. And poof at some point it will contain some nefarious code. Instead of using a package manager (the curl to bash variant) or running these commands in a container/vm.
Arch Wiki's core content is instructions of what commands to run right in the terminal.
Agreed, this is the first thing I thought of too. Don't teach people to paste unknown commands into their terminal!
They have a similar command for the Arch Linux forum, where beginners are encouraged to ask questions
Then write and highlight exactly that! ( e.g. "Never copy or execute code you do not understand! This is only for people who already know what will happen! Confirm:")
Forget about teaching people bad patterns. It's annoying when others assume everyone experiencing something under the same context and considers the same things as them.
To be fair, just because you understand the code you see doesn't mean its safe to copy-paste. Many of these compromised sites will show something that appears to be a benign command but will be something entirely different when you copy them.
Not good to get people into the habit of copying and running code in their terminal.
Also you need, to some extent, to understand that it’s something to execute in a terminal, because it doesn’t tell you that bit.