[tor-relays] Linux kernel vulnerability

Tristan supersluether at gmail.com
Mon Oct 24 03:12:49 UTC 2016


Rebooting also makes sure updates are applied correctly. If a shared
library updates, the old version is still in use until whatever program
using it stops, and the new version is loaded on the next run.

On Oct 23, 2016 10:07 PM, "Duncan Guthrie" <dguthrie at posteo.net> wrote:

> Hi folks,
>
> I think this is a very extreme and unnecessary solution. While it is good
> to keep relays up, this may be unreliable. It is good to perform
> maintenance regularly, and reboots are often best.
> Also, it appears to be proprietary technology. I would not advise
> proprietary technology on a Tor relay as it opens up a whole other can of
> worms, who controls the software etc.
> Can people really not afford to reboot once a month or similar? Uptime is
> good but the only reliable way to apply kernel updates has always been
> reboots. Restarting also can apply updates to certain system services as
> well, if I am correct.
>
> -- D
>
> On 23 October 2016 09:42:38 BST, Jonathan Baker-Bates <
> jonathan at bakerbates.com> wrote:
>>
>> I know some people using this for applying kernel updates without
>> rebooting, but don't know how good it is:
>>
>> https://www.cloudlinux.com/all-products/product-overview/kernelcare
>>
>>
>>
>> On 23 October 2016 at 09:16, nusenu <nusenu at openmailbox.org> wrote:
>>
>>> > Second, you will reduce the uptime and stability of
>>> > your relay, thus it will lose consensus weight if you reboot the
>>> machine
>>> > once a day.
>>>
>>>
>>> Unattended-Upgrade::Automatic-Reboot "true";
>>>
>>> Does not reboot your machine "once a day", it reboots when a new kernel
>>> requires a reboot. Which on Debian stable / Ubuntu LTS is far from being
>>> a daily event.
>>> And the frequency of reboots actually should not differ compared to
>>> manual reboots.
>>>
>>>
>>> _______________________________________________
>>> tor-relays mailing list
>>> tor-relays at lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>
>>>
>> ------------------------------
>>
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
>>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161023/eff1f748/attachment.html>


More information about the tor-relays mailing list