<blockquote> Throughout that whole period, AOLserver still appears to
have been safer than Apache
</blockquote>
I'd be careful with statements like this. AOLserver
has FAR less market penetration that apache, so it is
less of a target (think back to the old days
where "Windows" was more secure than "Unix" because
it had fewer internet-related vulnerabilities. heh.)
Truth be told, I don't know that anyone has ever audited
AOLserver for format string or other such vulnerabilities.
I do know of several projects that have done so for Apache,
though.
Realize here, I'm not arguing one way or another. I'm just
pointing out that AOLserver has gotten FAR less attention,
both by the black hats and the white, and will probably
continue to do so for quite some time.
