Re: what's your Debian uptime?
> > > Linux greer 3.2.6 #1 SMP Mon Feb 20 17:05:10 CST 2012 i686 GNU/Linux
> > >
> > > 22:35:31 up 412 days, 10:05, 1 user, load average: 1.18, 0.97, 0.44
> >
> > So you are over a year behind in installing security updates for the
> > kernel. (I know, if your machine doesn't have untrusted users and is
> > well removed or disconnected from the internet, then that doesn't really
> > matter).
>
> This must not be so. Look, In my case I used a self compiled kernel, with very
> few modules. And as the only security holes have been in kernel modules, I did
> not compile, I needed not to install a new kernel. Those modules were just not
> existent. KISS-style. It makes things more secure!
If you use a minimal config then I could believe that but bear in mind
Linus famous words of "a bugs a bug". Having looked for security issues
in a timely manner myself and having heard someone being very vocal
about a security related too like polkit having had atleast one
security bug fixed silently. I would still update. I wondered about
ksplice once but I believe security restrictions, perhaps grsecurity
prevented it from being used which made sense to me.
OpenBSD has only had something like two holes in over a decade which is
nice for uptime.
--
_______________________________________________________________________
'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'
(Doug McIlroy)
_______________________________________________________________________
Reply to: