[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: what's your Debian uptime?

On 04/17/2013 01:22 PM, Kevin Chadwick wrote:
Linux greer 3.2.6 #1 SMP Mon Feb 20 17:05:10 CST 2012 i686 GNU/Linux

  22:35:31 up 412 days, 10:05,  1 user,  load average: 1.18, 0.97, 0.44
So you are over a year behind in installing security updates for the
kernel. (I know, if your machine doesn't have untrusted users and is
well removed or disconnected from the internet, then that doesn't really
This must not be so. Look, In my case I used a self compiled kernel, with very
few modules. And as the only security holes have been in kernel modules, I did
not compile, I needed not to install a new kernel. Those modules were just not
existent. KISS-style. It makes things more secure!
If you use a minimal config then I could believe that but bear in mind
Linus famous words of "a bugs a bug". Having looked for security issues
in a timely manner myself and having heard someone being very vocal
about a security related too like polkit having had atleast one
security bug fixed silently. I would still update. I wondered about
ksplice once but I believe security restrictions, perhaps grsecurity
prevented it from being used which made sense to me.

OpenBSD has only had something like two holes in over a decade which is
nice for uptime.

If i am not mistaken, The OpenBSD Team recommends a clean installation every 6 month.

Reply to: