why?

  • tias@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    23
    ·
    edit-2
    1 year ago

    It can’t, really. What Linux will do (and Windows won’t) is delete old files and replace them with new ones while they are still in use. But this has two problems.

    1. It can lead to stability issues. See e.g. Firefox, which refuses to open new tabs and can’t shut down cleanly if you update using the package manager while the browser is running. If you replace a binary executable in use and it later tries to load a shared library dynamically, it will get an unexpected version of that shared library which can potentially lead to memory corruption. Similar problem if the program tries fork+exec itself to create more instances (like Firefox and Chrome do).
    2. It won’t actually update the running process in memory, so even if you install security fixes your system will still be vulnerable. To be safe after e.g. fixes to libc you really need to reboot your system, but most distributions hide this fact from the user.

    Windows could certainly opt for a similar solution as Linux. They just chose a stricter and more reliable model for file locking, for good or bad. For what it’s worth I personally prefer the Linux model, but that’s because I know to reboot my system after updating it. I don’t trust my dad to take that social responsibility so he needs to be forced.

    • socphoenix@midwest.social
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      Outside of the kennel a reboot is not necessary you just restart the app/service it’s really not rocket science.

      • tias@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Updating a shared library requires an understanding of which services (and interactive programs) use that shared library. There’s a lot of room for mistakes. So while restarting specific services can be worth it for a high-availability server, for a desktop PC I find it easier and less error-prone to just restart the machine. If you are really keen to avoid going into POST you can use kexec.