pyenv / pyenv-installer

This tool is used to install `pyenv` and friends.
MIT License

Safety of remote script execution #141

Closed Elijas closed 1 year ago

Elijas commented 1 year ago

Hi,

I'd like to ask about the safety of executing remote scripts (curl -> bash). It seems it could pose a major security risk, say if the edge node / DNS were compromised.

It could be argued that this pattern should be discouraged. What are your thoughts about this?

native-api commented 1 year ago

https://security.stackexchange.com/questions/213401/is-curl-something-sudo-bash-a-reasonably-safe-installation-method

robnagler commented 1 year ago

One important point: pyenv is designed to be installed by a non-root user to manage Python for an individual user (for the most part). One of the answers in the stackexchange addresses this. Several of the other answers assume a standard Linux package manager can be used.

@Elijas your concern about DNS applies to any type of download except with signed packages, which means you have to sign with a specific package manager for which you have known, valid keys. You certainly can install a specific version of Python with a package manager. However, most package managers do not dynamically download Python and compile it, which is the magic behind pyenv.
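
The download-then-verify alternative to piping curl into bash that the thread is circling around, as an added example and not pyenv-installer's own code; the installer URL, the expected hash, and the function names are placeholders, and the hash must come from a channel other than the download itself (a release page fetched separately, a maintainer-published checksum) or the check adds nothing against a compromised edge node or DNS.

```shell
#!/bin/sh
# Added example: fetch an installer to a file, compare its SHA-256 with a value
# obtained out-of-band, and only then execute it. Hypothetical helper names.

# SHA-256 of a file; uses sha256sum (coreutils) or shasum (macOS/BSD).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Execute a script file only if its SHA-256 equals the expected digest.
# Returns 1 (without running anything) on mismatch; interpreter defaults to bash,
# which is what the pyenv-installer one-liner pipes into.
run_if_hash_matches() {
    script="$1"
    expected="$2"
    interp="${3:-bash}"
    actual=$(sha256_of "$script")
    if [ "$actual" != "$expected" ]; then
        echo "refusing to run $script: sha256 $actual != expected $expected" >&2
        return 1
    fi
    "$interp" "$script"
}

# Download to a temp file (never straight into a shell), verify, run, clean up.
# Pin HTTPS and a TLS floor so a downgraded or plain-HTTP redirect fails instead
# of silently handing over an attacker-controlled script.
fetch_verify_run() {
    url="$1"          # placeholder, e.g. the installer URL from the README
    expected="$2"     # placeholder, the digest published by the maintainers
    tmp=$(mktemp) || return 1
    if ! curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"; then
        rm -f "$tmp"
        return 1
    fi
    run_if_hash_matches "$tmp" "$expected"
    status=$?
    rm -f "$tmp"
    return $status
}
```

A mismatch leaves nothing executed; a match still only tells you the bytes are the ones the publisher intended, not that the script is harmless, so review it once before trusting the digest.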

Elijas commented 1 year ago

That explains it, thank you!