Commit 4fa4e5fe authored by Donncha Ó Cearbhaill's avatar Donncha Ó Cearbhaill Committed by Marc Cornellà
Browse files

Use HTTPS for manual git clone to avoid MITM (#6043)

The git:// transport is completely unauthenticated. An attacker on the local or upstream network can easily man-in-the-middle an oh-my-zsh update and get remote code execution on your system. Only the https:// git transport should be used.
parent ccd02866
......@@ -141,7 +141,7 @@ export ZSH="$HOME/.dotfiles/oh-my-zsh"; sh -c "$(curl -fsSL https://raw.githubus
##### 1. Clone the repository:
```shell
git clone git://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh
git clone https://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh
```
##### 2. *Optionally*, backup your existing `~/.zshrc` file:
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment