• netburnr
    link
    English
    2311 months ago

    Not rebooting for security patches isn’t something to be proud of.

    • @[email protected]
      link
      fedilink
      411 months ago

      On the other hand, network partitioning and security that means you don’t have to reboot an internal device for security patches is something to be proud of.

      On my site we have tons of archaic, unpatchable industrial devices.

    • @ForgotAboutDre
      link
      311 months ago

      It is if the reason is there are no security vulnerabilities to patch, which is highly unlikely. When you bought things they used to be fully functional and working for the rest of their life. Now we expect everything to be broken and require constant revisions, it’s terrible we expect all software to be of such a low quality that it’s ships with vulnerabilities.

      • @j4k3
        link
        English
        211 months ago

        There are ways to apply patches without rebooting but it requires super advanced understanding of the kernel, individual packages, and how they work. Rebooting is just the idiot’s catch-all solution. One of Red Hat’s biggest selling points is their live patched kernel. It takes a kernel hacker level of understanding to pull off live patching on your own.

        • @maryjayjay
          link
          2
          edit-2
          11 months ago

          Oracle Unbreakable Enterprise Linux patches the kernel live when you dnf update