[Total OT] Trying to improve some numbers ...
lars at gmx.at
Fri Feb 17 07:52:36 PST 2006
Marc G. Fournier wrote:
> On Thu, 16 Feb 2006, lars wrote:
>> If your machine only runs an NFS daemon and is behind a firewall,
>> ok, you don't need to patch it asap when an NFS SA and patch is
>> issued, if all clients connecting to the machine are benign.
> Actually, there are alot of situations where this sort of thing is
> possible ... hell, I could probably get away with running a FreeBSD 3.3
> server since day one, that has all ports closed except for sshd,
> imap/pop3/smtp, and be 100% secury ... sshd can be easily upgraded
> without a reboot, with the same applying to imap/pop3/smtp if I use a
> port instead of what comes with the OS itself ...
> You can say you are losing out on 'stability fixes', else the server
> itself wouldn't stay up that long ... so about the only thing you lose
> would be performance related improvements and/or stuff like memory
> leakage ...
> And I could do this all *without* any firewalls protecting it ...
Even if you managed to maintain an old version of a particular OS's uptime
for so long, what did you prove?
At a time where some OS couldn't even keep it up longer than a day,
having a long uptime may have been a 'feature'.
IMHO 'uptime' as a 'feature' is overrated, not to say obsolete.
More information about the freebsd-questions