ksplice
April 27th, 2008 by webstersprodigy
‘Rebootless Linux Kernel Security Updates’
“I’ve been pursuing this project because I don’t like dealing with reboots whenever a new local kernel security vulnerability is discovered. The rebootless update practices/systems that are already out there require manually constructing an update (through a process that can be tricky and error-prone), and they tend to have other disadvantages as well (such as requiring a custom kernel, not handling inline functions properly, etc). This new system works on existing kernels, and it simply takes a unified diff as input and does the rest on its own.”
http://kerneltrap.org/Linux/Ksplice_Rebootless_Linux_Kernel_Security_Updates
This is mostly a good thing, but I see some possible bad implications as well.
First, I’ve never been one to really understand the whole sysadmin fascination with having huge ‘uptimes’ (eg $ uptime
17:17:46 up 9 days, 3:14, 13 users, load average: 0.31, 0.29, 0.27). I’ve known sysadmin who go to runlevel 0 rather than a reboot. What’s the point?
Anyway, I try to keep my percent as high as possible, sure, but as long as you plan your reboots ahead of time and have your backup system in place I like rebooting every once in awhile so I’m sure that in case of an emergency it will actually reboot. Though I’ve never read an official statistic on the matter, it seems i have many more failures on reboot than any other time – especially hw failures. Not to mention software eg your bootloader possibly getting fubared up in some software update.
The bad news is that ksplice makes it easier than ever for an intruder with root to change your settings (eg tripwire stuff). Before, this would have at least normally required a reboot which is something most sysadmins will naturally look into. Rebootless kernel patching has been around for awhile, but never has it been so easy.
If nothing else, ksplice is something to be aware of.