On Mon, 2003-08-04 at 18:24, Jesse Keating wrote: > No, but at the same time lets not try to force the thought down the > user's throat that they must run every errata kernel that comes out. > Quite often an errata kernel will come out that only touches on a > security flaw in a section of the kernel that isn't used by the > majority of the userbase. There is no sense in updating the kernel if > the errata doesn't apply to you. The practice we should preach is > reading the errata notices and the changes and see if the new update is > really necessary for your implementation. Starts to make more sense > when you have a change control board you have to ok every update > through, and have to show real cause to do the upgrade. > I kind of agree, been giving a lot of thought to an isolated linux box running 2.4.20-18, and the shrike-original nfs-utils. Bottom-line I came to is that I can't be sure that in the future somebody won't start using nfs. For my own box, my memory isn't good enough to drop errata, I might suddenly come across loads of spare time (no motiviation to do real work), and then start using new features- all of which I previously ignored when it came to adding erratas. Droping updates is ok if you have people in place that understand the need, and can keep track of what wasn't updated on which machines, tack when roles of machines change- but I think updates should be treat as a priority, ok it's in a PITA to re-compile bits and pieces, but that should be addressed and changed. -- Regards, Adam Allen. adam@xxxxxxxxxxxxxxxxxxxxxxxx pgp http://search.keyserver.net:11371/pks/lookup?op=vindex&search=adam%40dynamicinteraction.co.uk
Attachment:
signature.asc
Description: This is a digitally signed message part
