I ask because I've been looking into Miniconda (https://repo.anaconda.com/miniconda/Miniconda3-py39_4.9.2-Linux-x86_64.sh), and the installation shell script has TONS of binary data starting at line 577. I ended up checking the shell script because Google Chrome flagged it as potential harmful. I know, it's just Google Chrome, and any shell script may harm your computer, however the binary data starting at line 577 kinda scared me a little... if it's not normal for installation shell scripts to contain a binary payload like that, then there's no way I'm installing it. But if it's normal, then I'll feel much better about installing Miniconda.
Asked
Active
Viewed 138 times
0
-
The binary info is the thing that's getting installed ... – schroeder May 28 '21 at 15:08
-
That makes sense. I just had no idea that shell scripts can contain and execute binary data. – TeknoBen May 28 '21 at 15:17
-
So you would say it's safe to install? – TeknoBen May 28 '21 at 15:17
-
I can't determine that. But as for "is it normal" the answer is yes. Install scripts have to handle the binary to install. – schroeder May 28 '21 at 15:35
-
Alright, I gotcha. That still helps me a lot. Thanks. – TeknoBen May 28 '21 at 15:36
1 Answers
3
It's normal-ish; such a file is often called a 'sharball' (shell script + tarball). It's a way to send files (the tarball) and the method for extracting and manipulating them (the shell script) together in a single easily distributed file.
As to whether it's safe to run, that's a question you should ask with any shell script you're asked to run, not just those with binary content. It boils down largely to trust in the distributor of the file.
gowenfawr
- 71,975
- 17
- 161
- 198
-
Thanks for the detailed answer. I know Anaconda/Miniconda have been around for a while, and a lot of people use Conda virtual envs, so they should be trustworthy. I just needed to clear up whether or not they were hiding something at the end of the file. Thanks again. – TeknoBen May 28 '21 at 15:51