is calling remote bash script via https which then call another bash script with http considers secure?

0

It might be a silly question but I will go for it anyway…

due to some backward compatibility I only adjusted part of the calling script chain. there is a reason why I call it twice but let's leave it for now.

so does calling remote bash script via https which then call another bash script with http consider secure?

something like this:

  curl --capath /certdir/ https://mydomian.com/scripts/script1.sh | bash

script 1 look like this:

  curl http://mydomian.com:1080/scripts/script2.sh | bash

Asaf Magen

Posted 2016-07-03T14:28:36.973

Reputation: 113

Answers

0

If you're in any way worried about security, use HTTPS for both.

I doubt that you would ever be attacked that way, but we never know and the way you allow the script to run automatically is quite risky. Note that all systems that access that file become vulnerable should the server get compromised.

Julie Pelletier

Posted 2016-07-03T14:28:36.973

Reputation: 2 065

Asked: 2016-07-03T14:28:36.973

Viewed: 28 times

Active: 2016-07-03T14:37:11.503