On the other hand, network partitioning and security that means you don’t have to reboot an internal device for security patches is something to be proud of.
On my site we have tons of archaic, unpatchable industrial devices.
It is if the reason is there are no security vulnerabilities to patch, which is highly unlikely. When you bought things they used to be fully functional and working for the rest of their life. Now we expect everything to be broken and require constant revisions, it’s terrible we expect all software to be of such a low quality that it’s ships with vulnerabilities.
There are ways to apply patches without rebooting but it requires super advanced understanding of the kernel, individual packages, and how they work. Rebooting is just the idiot’s catch-all solution. One of Red Hat’s biggest selling points is their live patched kernel. It takes a kernel hacker level of understanding to pull off live patching on your own.
Not rebooting for security patches isn’t something to be proud of.
On the other hand, network partitioning and security that means you don’t have to reboot an internal device for security patches is something to be proud of.
On my site we have tons of archaic, unpatchable industrial devices.
It is if the reason is there are no security vulnerabilities to patch, which is highly unlikely. When you bought things they used to be fully functional and working for the rest of their life. Now we expect everything to be broken and require constant revisions, it’s terrible we expect all software to be of such a low quality that it’s ships with vulnerabilities.
There are ways to apply patches without rebooting but it requires super advanced understanding of the kernel, individual packages, and how they work. Rebooting is just the idiot’s catch-all solution. One of Red Hat’s biggest selling points is their live patched kernel. It takes a kernel hacker level of understanding to pull off live patching on your own.
Oracle Unbreakable Enterprise Linux patches the kernel live when you dnf update