image caption: A Microsoft Windows screen showing “Active Hours” with start time set to 12 AM and end time set to 12 AM and an error that says “Choose an end time that’s no more than 18 hours from the start time”.

  • Skull giver@popplesburger.hilciferous.nl
    4 months ago

    Linux can patch the executables on disk (as can Windows, with more trickery) while the system is running, but this still leaves the running processes in a vulnerable state.

    The Linux kernel can be replaced on the fly, but this isn’t enabled on most distros. Even with it enabled, kpatch/livepatch isn’t a universal fix.

    Replacing /usr/bin/firefox doesn’t fix anything if you don’t restart Firefox itself. The write lock on a running process isn’t what’s preventing Windows from being patched without a reboot.

    • Kusimulkku@lemm.ee
      4 months ago

      I don’t know what Windows needs to do to get as good of a state as Linux but you rarely need to do a full reboot as you seemingly are forced to do on Windows.

      • Skull giver@popplesburger.hilciferous.nl
        4 months ago

        Just because your computer doesn’t tell you it needs to reboot doesn’t mean you don’t need to reboot to apply updates. It doesn’t take long for most processes in htop to show up as yellow, including the ones necessary to keep my desktop session and other system daemons running.

        Maybe I’m the crazy one for not logging in/out more and not systemctl restarting everything every day, but I’m doing a lot more restarting on Linux than I ever need to do on Windows.

        • Kusimulkku@lemm.ee
          4 months ago

          It does tell me. Zypper tells it outright and you’ll get a list with zypper ps -s. But like said, it’s very rare that you need to actually reboot. Restarting apps or services suffices.

          > I’m doing a lot more restarting on Linux than I ever need to do on Windows

          Don’t know what’s up with that. With Windows it nagged about rebooting constantly. Seemingly every update. Meanwhile Linux can be just fine without, some stuff you need to restart but actual reboot is much rarer.
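An added example, not part of the thread: one way to list processes that still execute code from files an update has replaced on disk, by reading `/proc/<pid>/maps` on Linux for executable mappings marked `(deleted)`. The ignore list, function names and sample data are assumptions constructed for illustration.

```python
"""List running processes that still execute code from files replaced on disk."""
import os

# Assumed ignore list: pseudo-files that are routinely "(deleted)" without any update.
IGNORED_PREFIXES = ("/memfd:", "/dev/", "/SYSV", "/tmp/", "/run/", "/[aio]")
DELETED = " (deleted)"

def stale_mappings(maps_text):
    """Return sorted paths of executable mappings whose backing file was deleted."""
    stale = set()
    for line in maps_text.splitlines():
        # Fields: address perms offset dev inode pathname (pathname may hold spaces)
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue  # anonymous mapping, no backing file
        perms, path = fields[1], fields[5]
        if "x" not in perms or not path.endswith(DELETED):
            continue
        path = path[: -len(DELETED)]
        if not path.startswith(IGNORED_PREFIXES):
            stale.add(path)
    return sorted(stale)

def scan(proc_root="/proc"):
    """Map 'pid (comm)' -> stale paths for every process we are allowed to read."""
    report = {}
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, pid, "maps")) as fh:
                stale = stale_mappings(fh.read())
            with open(os.path.join(proc_root, pid, "comm")) as fh:
                comm = fh.read().strip()
        except OSError:
            continue  # process exited, or not readable without root
        if stale:
            report[f"{pid} ({comm})"] = stale
    return report

# Constructed sample of /proc/<pid>/maps content, not captured from a real system.
SAMPLE_MAPS = """\
55d0c0a00000-55d0c0a20000 r-xp 00000000 08:02 131  /usr/lib64/firefox/firefox (deleted)
7f1a2c000000-7f1a2c1f0000 r-xp 00000000 08:02 204  /usr/lib64/libssl.so.3 (deleted)
7f1a2c400000-7f1a2c410000 r--p 001f0000 08:02 204  /usr/lib64/libssl.so.3 (deleted)
7f1a2d000000-7f1a2d200000 r-xp 00000000 08:02 310  /usr/lib64/libc.so.6
7f1a2e000000-7f1a2e001000 rwxp 00000000 00:01 77   /memfd:jit-cache (deleted)
7ffd5a000000-7ffd5a021000 rw-p 00000000 00:00 0    [stack]
"""

if __name__ == "__main__":
    for proc, paths in sorted(scan().items()):
        print(proc, *paths, sep="\n    ")
```

Run as root to see every process; an unprivileged run only reports processes owned by the current user.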

    • barsoap@lemm.ee
      4 months ago

      > Replacing /usr/bin/firefox doesn’t fix anything if you don’t restart Firefox itself.

      On my box updating firefox and then restarting it won’t even launch the new version because NixOS knows I’m logged in and won’t just change things in my environment. But unless there’s a kernel update yes nixos rebuild switch followed by logging out and logging in is equivalent to rebooting as it will automatically shut down and restart all system services, I think even systemd itself. Modulo some wibbles around kernel modules but those fall under kernel updates in my book.

      Contrast Ubuntu, which really likes to prompt you for reboots. The difference between a distro primarily for desktop use and one that can also do desktop because also devops want a desktop. Hey I could spin up 1000 cloud instances of my desktop with a couple of keystrokes isn’t that impressively useless :)