• Reasons why to update on-demand software with security updates


    I’ve been asking myself the question of how important it is to update installed software, on either desktops or servers, that only runs on demand, in order to fix security holes. Say, for example, archiving software that only runs when you open it or an archive file, or the JRE or JDK that I only use for one piece of software, say for example NetBeans. What if my currently installed version contains some kind of security hole? Would it be really necessary to update that software, even though the Java or archiving software doesn’t always run in the background and listen to the outside through some open port?

    This is the opposite of software that actually runs always in the background and listens to an open port, like web servers, and are more a security issue due to remote attacks or browsers that are used on a daily basis and can be attacked through malicious client side code, where the security threat is more obvious.

    Is it really necessary to update such software with the latest security updates, even though there is more of a risk of instability due to frequent updating compared to being a victim of an actual attack?

    -= PC =-
    Antergos & Windows 7 Pro | Asrock x370 K4 - Ryzen 1600 - GTX 950 (replace with Radeon 570/580/Vega) - 16GB DDR4 2400 - Samsung 960 pro 512GB (Windows) + Samsung 850 EVO 256 GB (Antergos) + 2x 2TB HGST HDD + 1TB Seagate HDD - RM550x Gold PSU

  • I would say letting outdated software in between updated to the latest will also cause instability, mainly because partial updates are not supported by pacman.

    [updates once a week] = [90% less problems]
    [Li{u}n//u//{i}x] since 1988 - overcoming failure means success
    http://kamprad.net/howto-installing-antergos/
    https://forum.antergos.com/topic/1883/how-to-include-system-logs-when-asking-for-help

  • @joekamprad Thanks for your input, but I’m talking more generally: software with security holes on any kind of OS.


  • Honestly, I don’t see anything wrong with keeping them outdated, other than the fact that at some point they will probably HAVE to be updated in order to work with the rest of the system properly. When / if that time comes, it could be a real hassle to do so.

    There. That’s my opinion, but maybe others’ will differ. Who knows? Maybe I will end up learning something from someone else?

    Keep trying, never give up. In the end, you will find that it was all worth it

    https://sourceforge.net/projects/antergos-deepin
    https://linuxbasicssite.wordpress.com

  • So, you would rather have a system with lots of security holes, in which you have no idea where you could be attacked, but which in the end simply works no matter what. Also, you consider any software installed in Linux to be independent, i.e. it does not depend on any other software in the system; that is almost never true in Linux. In the end, if you try to keep some packages downgraded, you will end up with a system that can almost never go forward. For example, Debian-like systems need to provide a new version of their distro every few years, since it is almost impossible to build upon the previous version. That is why you always have to update to be able to go forward in rolling distros like Arch. Manjaro is more conservative in that sense, but you should have heard security concerns of people all the time.

    In the end, it comes down to the philosophy of the distro you are using. What you ask here is really hard to maintain with any rolling distro. Though if you really want to, you can use IgnorePkg to exclude them from being upgraded. But it is not very safe, and more open to failure.

    Also, if you start to oversee security issues considering they are not very important, you may create a chain of security problems which becomes really hard to fix on the way. Very dangerous for rolling distros.
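
An added example, not part of any post in this thread: a small audit that lists which pending updates are being held back by `IgnorePkg` entries in a pacman.conf, so pinned on-demand packages do not silently miss security fixes. The sample config, package names and versions are constructed; the pending list is assumed to be in the `name old -> new` format printed by `pacman -Qu`.

```shell
#!/bin/sh
# Added example: audit packages pinned with IgnorePkg (pacman.conf).

# Print every active IgnorePkg entry, one per line. The directive may be
# repeated and may hold several space-separated names or glob patterns.
# Lines starting with '#' are comments and never match the pattern.
ignored_pkgs() {
    awk '/^[ \t]*IgnorePkg[ \t]*=/ {
             sub(/^[^=]*=/, "")              # drop "IgnorePkg ="
             n = split($0, names, " ")       # split on runs of blanks
             for (i = 1; i <= n; i++) print names[i]
         }' "${1:-/etc/pacman.conf}" | sort -u
}

# Print the pending updates whose package name matches an IgnorePkg entry.
# $1 = pacman.conf path, $2 = file with lines "name old -> new [...]".
# Runs in a subshell with globbing off so patterns such as "netbeans*"
# are matched against package names, not against files in the cwd.
held_back_updates() (
    set -f
    patterns=$(ignored_pkgs "$1")
    while read -r name old arrow new rest; do
        [ -n "$name" ] || continue
        for pat in $patterns; do
            case "$name" in
                $pat) echo "$name $old -> $new"; break ;;
            esac
        done
    done < "$2"
)

# Demo on constructed sample data (not taken from the thread).
demo() {
    tmp=$(mktemp -d)
    printf '%s\n' '[options]' '#IgnorePkg = linux' \
        'IgnorePkg = jre8-openjdk p7zip' > "$tmp/pacman.conf"
    printf '%s\n' 'linux 4.14.1-1 -> 4.14.2-1' \
        'jre8-openjdk 8.u144-1 -> 8.u152-1 [ignored]' > "$tmp/pending"
    echo "Updates held back by IgnorePkg:"
    held_back_updates "$tmp/pacman.conf" "$tmp/pending"
    rm -rf "$tmp"
}
demo
```

On a live system the second argument can be produced with `pacman -Qu > pending.txt`; any line the audit prints is an update that will not be installed until the pin is removed.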
