Henrique de Moraes Holschuh wrote: > "at" has a very bad history security-wise, and I really doubt anyone is > seriously maintaining and fixing that thing. Now, if someone would rewrite > from scratch an "at" designed and implemented for security, that would be > very cool indeed. at had one security hole that I know of, back in 2002; a double-free bug. It's hard to call that a very bad security history; cron and fcron have both had more security holes than that, so has vim, so has emacs, so has glibc. Random useless stats mode: Since the release of woody, some 2834 security holes tracked by the testing security team have afected 892 distinct packages; of these 493 holes were the only hole found in a package, and at the other end of the spectrum, 493 total holes were found in a set of just 7 packages. I know which set of packages I'd be more concerned about having installed, and it's not the set containing at (1 hole), it's the set containing mozilla-firefox (92 holes). -- see shy jo
Attachment:
signature.asc
Description: Digital signature