Backup tool?

Daniel Robitaille robitaille at gmail.com
Wed Oct 13 01:07:49 UTC 2004


> I took a look at Mondo a couple of years ago when I was looking for a
> general purpose backup tool.
> 
> Its specs are terrific, and I like the fact it uses afio (also a great
> little archiver).
> 
> However, the code back then was full of security holes; it regularly
> uses the system() function without checking the input.
> 

Mondo is currently both in Ubuntu's universe and in Debian.  From a purely
theoretical point of view, if a package was so bad from a security
point of view, and if the upstream author(s) weren't interested in
their resolution, could it lead the package to be totally dropped from
Debian/Ubuntu simply due to its unsafe condition?

Personally I'm only an end-user and I don't have the technical
knowledge to read the C source code of a package like this one, and
judge for myself if it's still good or bad now compared to John's
experience a few years back. So I depend on knowledgeable people who
will do (have done?) the auditing exercise and make sure the current
package that I can very easily install from Ubuntu's universe is safe,
or at least safer than before.



