Marc G. Fournier wrote:
On Thu, 16 Feb 2006, lars wrote:
If your machine only runs an NFS daemon and is behind a firewall,
ok, you don't need to patch it asap when an NFS SA and patch is
issued, if all clients connecting to the machine are benign.
Actually, there are alot of situations where this sort of thing is
possible ... hell, I could probably get away with running a FreeBSD 3.3
server since day one, that has all ports closed except for sshd,
imap/pop3/smtp, and be 100% secury ... sshd can be easily upgraded
without a reboot, with the same applying to imap/pop3/smtp if I use a
port instead of what comes with the OS itself ...
You can say you are losing out on 'stability fixes', else the server
itself wouldn't stay up that long ... so about the only thing you lose
would be performance related improvements and/or stuff like memory
leakage ...
And I could do this all *without* any firewalls protecting it ...
Even if you managed to maintain an old version of a particular OS's uptime
for so long, what did you prove?
At a time where some OS couldn't even keep it up longer than a day,
having a long uptime may have been a 'feature'.
IMHO 'uptime' as a 'feature' is overrated, not to say obsolete.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
