Uptime vs. Kernel updates (was Re: [TriLUG] Prosperous New Year)
jonc at nc.rr.com
Tue Jan 3 21:04:27 EST 2006
I don't like to apply kernel updates unless it's for a vulnerability
that makes the machine accessible to an outsider. Over the past couple
of years I haven't seen one that allows an outsider to hack into my box
- though there have been a few that allow a local user to gain root.
Fortunately, I'm the only user on my Linux servers - and I *already*
have root access... so no biggie.
It's not the greatest systems philosophy - and not one I would apply if
I were working for someone besides myself. But it works for me. If I'm
wrong, I'm sure my Trilug buds will give me the slap down that I
On Tue, 2006-01-03 at 16:35, John Broome wrote:
> On 1/3/06, Rick DeNatale <rick.denatale at gmail.com> wrote:
> > I'm impressed.
> > I'm also a bit curious. As good as a long uptime is, what do you guys
> > do about security updates to the kernel? Sure you can get them via
> > apt-get, yum, whatever, but doesn't it require a re-boot to actually
> > start USING a new kernel?
> Most of my client machines only have ssh open to the world. As long
> as I keep that current (which generally doesn't require a reboot) i'm
> a-ok to let it keep cranking along without a reboot.
> "Nobody ever made money off the internet with a business model that
> required two hands"
More information about the TriLUG