Show HN: Curl lama.sh – sh to start a web server anywhere (opens in new tab)

(lama.sh)

7 pointscsweichel6y ago8 comments

8 comments

So, this just downloads a web server written in Go and runs it? Why isn't this more explicit?

That's exactly right.

However, it does the downloading/starting in a really convenient manner. I wanted something I could just quickly type into a terminal without having to browse some GitHub release page.

caspervonb6y ago

Fair warning to users, you should never ever pipe something from the web directly into a shell.

I'm sure the author here has good intentions but, this is aimed at beginners (I'll assume, doubt anyone reasonably experienced would humor this) and teaching them a terrible idea.

csweichelOP6y ago

Not sure this statements holds in this general form - it's a very good idea to be cautious what you execute, but curl | sh is not much different from running npx for example. It's difficult to know know what will actually be executed on your machine, but at least shell scripts can be inspected/audited (as compared to packages with 100 dependencies).

That said, prior to piping anything to a shell it's advisable to inspect what is about to be executed. That's why the lama.sh script is super simple, as is the code of the web server it downloads and executes.

caspervonb6y ago

When are you dropping a cryptominer into it? ;-)

csweichelOP6y ago

no plans.

(but then, what else should I say :D)

OceanKing6y ago

Why not `python3 -m http.server`?

csweichelOP6y ago

Just in case you don't have Python :)

I got a tad fed up with having to remember the line for Python, Node and Ruby. This one works as long as you have bash and curl.

j / k navigate · click thread line to collapse

8 comments

cujic96y ago

So, this just downloads a web server written in Go and runs it? Why isn't this more explicit?

csweichelOP6y ago

That's exactly right.

However, it does the downloading/starting in a really convenient manner. I wanted something I could just quickly type into a terminal without having to browse some GitHub release page.

caspervonb6y ago

Fair warning to users, you should never ever pipe something from the web directly into a shell.

I'm sure the author here has good intentions but, this is aimed at beginners (I'll assume, doubt anyone reasonably experienced would humor this) and teaching them a terrible idea.

csweichelOP6y ago

caspervonb6y ago

When are you dropping a cryptominer into it? ;-)

csweichelOP6y ago

no plans.

(but then, what else should I say :D)

OceanKing6y ago

Why not `python3 -m http.server`?

csweichelOP6y ago

Just in case you don't have Python :)

I got a tad fed up with having to remember the line for Python, Node and Ruby. This one works as long as you have bash and curl.

j / k navigate · click thread line to collapse