[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: atd - can I remove it if I don't use at?


Red Hat security is always lousy ;)

Unlike Red Hat, Debian gets security bugs and such fixed in a timely
manner, especially if you are using the current `unstable' distribution
(which is presently `woody'); `at' should be fine. Be sure to get security
updates from security.debian.org if you do not use unstable...



PGP/GPG Fingerprint:
  EFD1 AC6C 7ED5 E453 C367  AC7A B474 16E0 758D 7ED9

Version: 3.12
GCS/CM>CC/IT d- s:+ a16 C++(++++)>$ UL++++>$ P---() L+++>+ E+>+ W+(-) N o? K? w--() 
!O M- !V PS+>+ PE- Y+ PGP t+ !5 X-- !R tv b DI D++ 
G>+++ e-- h! !r y 

On Tue, 26 Sep 2000, Mo Zhen Guang (SLDT) wrote:

> I read of an article about redhat linux security, here is excerption about
> atd
> --------------------
> 	This scheduling daemon schedules "jobs" for later execution. You
> could use at to tell atd to run "ps -ef > /root/jay " in two hours, just to
> find out what processes are running then. Unfortunately, there's been a rich
> history of security problems in the at / atd program pair. Fortunately, the
> same basic functionality can be found in crond , which is a wholly necessary
> daemon. Disable atd , and its associated program /usr/bin/at, by running: 
> 	# chkconfig atd off 
> 	# chmod 000 /usr/bin/at 
> -----------------------
> I was wondering if I should do the same on Debian when I never use at
> command , or some other debian packages depend on atd for self maintenance
> so I have to keep it? (when I tried to remove at package with dselect, no
> dependency problem arise)
> Thank you
> Mo
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: