Re: what's your Debian uptime?

["Hans-J. Ullrich" <hans.ullrich@loop.de>]

It is interesting. Whenever I someone is telling of big uptime, the arguiment 
is: 

Your server can not be secure! You have an old kernel! You MUST install/update 
the newest kernel and of course reboot.

But this is not correct. For which reason a new kernel is necessary? 

1. If there are extrem changes in the environment (unsupported new hardware or 
major software changes)

2. Security issues

But a kernel can stay very, verry long time. On machines, where you do not 
change hard or software  (i.e. new filesystems like btrfs), an old kernel will 
work perfectly.

Security issues, which affect modules, but not the kernel itself, may not cause 
the need of a new kernel. When people lik me and others on this list, are 
using a very small kernel, with minimalistic modules, and the security issues 
affect modules, which are not built nor installed, then there is no need, to 
install a new kernel.

So it is wrong to conclude and to say: Hey, your uptime is high, this 
concludes to an unsecure host due to an old kernel. To say so, is a big 
mistake! 

Just to clear things. :)

Anyway, let's have fun at hacking.

Best regards

Hans