On Tue, Dec 26, 2023 at 04:49:13PM -0500, Roy J. Tellason, Sr. wrote: > On Tuesday 26 December 2023 09:34:00 am Andrew M.A. Cater wrote: > > Living offline is not really feasible anymore - there are too many security > > updates needed. > (snip) > > Linux distributions do update and you should ideally be running the latest > > most up to date security patches. > > I must be missing something here. If one is running a system that's NOT > net-connected, why is security so important an issue? >
You always have to hope that it remains not connected :) Remembering that each point update introduces fixes which may clear previous problems, it is always worth keeping the system up to date. Given the inadvertent upstream kernel problems we gained during the 12.3 release which resulted in 12.4 and that we then needed 12.5 relatively immediately to solve problems that some users had - if you'd _only_ had the 12.4 medium, you might have had problems which could only have been fixed by being net connected to pick up the appropriate kernel. Just because you have a (relatively) isolated system doesn't mean that your system shouldn't be consistent, patched and up to date which will allow you to be sure that known vulnerabilites have been addressed. There's nothing like the joy of inheriting a system tucked away somewhere that hasn't been updated or rebooted in five years and not knowing what you might expect when logging in, what services are running or what will happen if you have to reboot. Marginally better because you know about it then finding the system that everything depends on is undocumented, running on a system with dead disks in the RAID and that has just been bounced by the unscheduled power outage when the UPS failed .. > -- > Member of the toughest, meanest, deadliest, most unrelenting -- and > ablest -- form of life in this section of space, a critter that can > be killed but can't be tamed. --Robert A. Heinlein, "The Puppet Masters" > - Sounds like a project manager imposing random requirements :) All the very best, as ever, Andy Cater (amaca...@debian.org) > Information is more dangerous than cannon to a society ruled by lies. --James > M Dakin >