• li10
    link
    fedilink
    English
    arrow-up
    20
    ·
    9 months ago

    I’d be surprised if you actually saw anything change from security updates tbh, I don’t think I’ve ever seen anything break from a quick patch.

    Dist upgrades are when things might break, but they’re only once every few years. Leave them too long though and you may end up with compatibility issues if you need to make changes.

    Fair enough if you’re not getting paid enough, the company should hire more people to stay on top of that though.

    • 0x4E4F@lemmy.dbzer0.comOP
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      They have and that is why I don’t do them any more. Happened a few months ago in fact. Updated one of the Debian servers for one of webapps we have running (a black box piece of shit VM that’s stuck in 2010 I think)… suddenly, the app in the VM doesn’t work. The VM does start, but the app doesn’t work, just throws a 404. Why? Beats me, don’t have time to troubleshoot. Roll back a snapshot, everything works again. Conclusion, don’t update that.

      See, around here, you don’t keep your job by messing around with things that already work. They work, period, why did even feel the need to mess with that 🤨. If that’s management’s view on security, fine, so be it 🤷.

      I still file reports on things not being up to date, just so that if shit hits the fan, I’m not the one taking the fall for it.

    • 1984@lemmy.today
      link
      fedilink
      arrow-up
      3
      arrow-down
      2
      ·
      9 months ago

      Usually you upgrade everything though, not just sec patches. And it’s a risk that something stops working, and nobody wants to spend time on that…

      • 0x4E4F@lemmy.dbzer0.comOP
        link
        fedilink
        arrow-up
        2
        arrow-down
        5
        ·
        edit-2
        9 months ago

        Exactly… because it’s tidious and time consuming… and I won’t get extra pay for it. Meanwhile I’m also expected to do everything else I do… sorry, just not gonna bother at all.