If I follow instructions from a blog or Ask Ubuntu, etc, is it always safe?
TL;DR No, you are not 100% safe. Or with other words, think twice. ;)
Don't execute code snippets without understanding the basics. Use man
to learn more about a command or a program. Use Google or an other search portal if you don't understand. And if you still doubt, simply do not execute the code.
Do you trust me? Then run:
man man
Ok, not dangerous, you see the man-page of man
But what about the code below, do you trust me?
$(perl -MMIME::Base64 -0777ne 'print decode_base64($_)' <<< "ZWNobyAnQk9PSCEnCg==")
Not? Good idea. Let's breakdown the code:
-
perl
The Perl language interpreter
-
-MMIME::Base64
Encoding and decoding of base64 strings
-
-0777ne
-0777
- Changes the line separator to undef, letting us to slurp the file, feeding all the lines to Perl in one go.-e
- (execute) flag is what allows us to specify the Perl code we want to run right on the command line.-n
- Feed the input to Perl line by line. 'print decode_base64($_)'
- Decodes a string, the string is saved in$_
."ZWNobyAnQk9PSCEnCg=="
- And this? What is this?
Let's start a test.
We know, it's something like base64 and it looks encoded. Therefore decode the string with:
base64 --decode <<< "ZWNobyAnQk9PSCEnCg=="
And the output is … ok, not really dangerous:
echo 'BOOH!'
Now, we can do the same with perl
perl -MMIME::Base64 -0777ne 'print decode_base64($_)' <<< "ZWNobyAnQk9PSCEnCg=="
And the output is, what a surprise:
echo 'BOOH!'
But was it dangerous? This is dangerous:
$(…)
This construct executes the output of the commands in the round brackets.
Let's try it, do you trust me?
$(perl -MMIME::Base64 -0777ne 'print decode_base64($_)' <<< "ZWNobyAnQk9PSCEnCg==")
'BOOH!'
And what's about
c3VkbyBraWxsYWxsIG5hdXRpbHVzCg==
Try it out … Do you trust me?
My general assumption on this would be yes, because the guys here at askUbuntu usually know their way around.
However, in general I always like to understand what I'm doing, so if you get an answer with a command / syntax you're not familiar with- just ask for a wider explanation. I'm sure that the person that helped in first place wouldn't mind on sharing his further knowledge..
Good luck and you've made the right choice with Linux- miles better than the competitors!! :-)
Some blogs are definitely a lot better than others. And yes, it's hard for beginners to tell the difference.
Number one, make sure the instructions are for your version of ubuntu. Non lts releases only last for 9 months or so. Blog posts last a lot longer. And what worked for older releases often don't on newer ones.
Also, don't do it if they don't explain how to undo the changes if it doesn't work and you don't know how.
Many blogs tell you to install from a 3rd party ppa, even when the app is in the ubuntu repos. None of that stuff is beta tested for your kernel release. I don't have any ppa's in my software sources and won't unless it's really necessary.
Try looking at multiple blogs which address a certain issue. There may be details that one blog addresses but another does not. I would also suggest you keep a log of the changes you make in case you need to revert them in the future. And if something comes to worse, you can always reset Ubuntu to its default configuration.