curl | sudo bash isn't a security issue (on Linux)
When I want to try out a new tool and its “Getting Started” page kicks off with curl https://thingy.dev/install.sh | sudo bash, I usually turn 360° and walk away1. It’s not worth it.
But this is not because I’m worried about security. In fact I don’t think there’s any real security issue with the curl | sudo bash here.
To understand why, let’s start by considering what happens if we drop this sudo. Is curl | sudo bash more of a security risk than plain curl | bash? I don’t think so, because there’s no significant security boundary between users on Linux. There are two reasons for this:
Almost everything of real-world interest on a typical desktop GNU/Linux system is trivially accessible to the primary unprivileged user2.
Attackers who can run arbitrary code can quite easily access other users' data, or gain a persistent foothold, or whatever else, by becoming root, because Linux is broken.
