Cron - was Known vulnerabilities left open in Debian?
On Tue, 23 Mar 2004 08:19, Florian Weimer <email@example.com> wrote:
> No, it's another example for a package which heavily deviates from
> upstream (AFAIK, upstream is defunct) and is now developed by the
> GNU/Linux distributions (and each variant has a slightly different
> features). Despite this, the situation with cron is rather good;
> its complexity is not so high that it's close to impossible to port back
> security bugs.
Cron is a good candidate for a fork. Cron is not THAT difficult in terms of
coding, assembling a small team with representatives from all major
distributions to maintain a fork of Vixie cron should be doable.
Another option is using Dillon cron or fcron as a replacement.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page