by darksaints
2024 days ago
The kernel isn't super secure. There are way too many CVEs, and the kernel now has 28 million lines of code. That is a massive surface area for bugs and exploits. Even with LTS kernels, you can still expect to update your kernel a couple times per year with security patches. Each time that happens, you're gonna need to reboot. You're right that LTS work doesn't go away...bugfixes will still need to be backported to old software versions. But that work is actually quite a bit easier when it is not so tightly coupled to kernel versions and repositories that are unique for each distribution and release version and architecture. That complexity is a combinatorial explosion. Instead of having a different codebase for each (PackageVersion, KernelVersion, Distribution, Release, Architecture) combination, you would only need to maintain a codebase for each (PackageVersion, Architecture) combo...and maybe for packages which are trivially cross-compiled, even fewer.