LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for November 27, 2008

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Security updates for old Red Hat releases

Security updates for old Red Hat releases

Posted Nov 20, 2003 15:52 UTC (Thu) by RobSeace (subscriber, #4435)
In reply to: Security updates for old Red Hat releases by simlo
Parent article: Security updates for old Red Hat releases

I deal with 2 RH6.2 machines regularly, and have a REALLY old RH5.2 machine
sitting in the other room from me now... (The latter has currently been up
about 124 days...) The "end of life" of these releases isn't really as
scary as it might seem... Yes, when a major security hole comes up in
something you're running on these machines, you're pretty much on your own
to fix it... And, yes, sometimes that can be a real pain... (I certainly
wouldn't recommend anyone who isn't a programmer attempt to maintain old
releases on their own like this... You often have to get down and dirty
with the source, and fix up busted patches, or just code up the fix yourself
because no backported patch is available and the new one is too different to
apply, etc... It's not for the weak of heart... ;-) But, for a coder, it's
not really anything too difficult to cope with...) BUT, thankfully that seems
to be a fairly rare occurance... Yes, I've had to patch up sendmail and
sshd a couple times... But, that's about it... Over the course of I can't
even remember how many years that RH5.2 box has been around... We're talking
maybe 1 or 2 issues per year, at the most... No, that's not patching every
little thing that comes up; only the stuff that actually MATTERS for your
system... Eg: if you don't run sshd, there's no reason to patch it, since
it won't impact your security, one way or the other... And, it's also
still going with the back-porting approach, in general when possible, rather
than upgrading to the latest and greatest spiffy new versions... There are
many many cases where you'll see a series of repeated frequent bug reports
which only impact the newest version, due to some new feature they added
or some code rewrite they did, or something... With an older version, it's
generally more stable and proven, and you're probably best off not trying
to upgrade until you upgrade the entire system... (Of course, as with
everything, there ARE exceptions to this rule...) But, in my experience,
on this old EOL'd systems, there really aren't a constant flux of holes you
need to keep busy patching every single day, or anything... Things do come
up sometimes, but they seem fairly rare to me... *shrug*

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds