Re: Kernel upgrades = security upgrades

[Seth R Arnold <sarnold@willamette.edu>]

On Tue, Sep 28, 1999 at 05:19:24PM -0400, Fraser Campbell wrote:
> I realize the kernel is a very special piece of software but still see no
> reason why it is treated differently from normal software.  Perhaps the
> upgrade process depends on the virtual package kernel-image which I don't
> seem to have installed?

On most normal machines, I can see your point. However, there are many
machines where things are wierd, wild, wacky, and the kernel-builder needs
to take special effort to get the kernel to work on their machine.

Another reason why it shouldn't be replaced with every apt-get upgrade is
that software can only be replaced when it is not running. The kernel will
never not be running -- so it takes effect at reboot. I *HATE* changing
things that affect the booting process and  then waiting a while to reboot;
if something I did broke the boot process, I am not sure I would remember it
three weeks down the road, when the power goes out and I have to turn the
machine off since UPS only last so long.. :)

Kernels are just too special to do this.

*MAYBE* the hurd will have this option. Maybe it does already. <shrug>


-- 
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into
your ~/.signature to help me spread!