LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Announcements page

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Rackable Systems acquires SGI

[Posted April 1, 2009 by corbet]

SGI has announced that it has been acquired by Rackable Systems Inc. The purchase price is "approximately $25 million."
(Log in to post comments)

Rackable Systems acquires SGI

Posted Apr 1, 2009 18:21 UTC (Wed) by ajross (subscriber, #4563) [Link]

Sigh. MIPS, Irix, the Reality Engine, Iris GL, OpenGL, the Personal Iris, the Iris 4D, the Indigo, the O2. All this stuff was iconic. Sun might have had the market share (and, to be fair, the better Unix in SunOS), but it was SGI that held the hearts and minds of the Unix community in the late 80's and 90's. And it's gone for chump change to the self-described fourth largest provider of x86 servers in North America.

It feels just wrong somehow.

Rackable Systems acquires SGI

Posted Apr 1, 2009 18:49 UTC (Wed) by kent (guest, #3834) [Link]

Yes, no other vendor could come up with so hilarious
security holes as SGI. Irix, we miss you.

Or not.

Rackable Systems acquires SGI

Posted Apr 1, 2009 18:55 UTC (Wed) by quotemstr (subscriber, #45331) [Link]

Any history there? The only really obvious security hole in Irix was the fam stuff --- and wasn't that just an information disclosure vulnerability (you could monitor files you couldn't normally read or even know exist.)

Rackable Systems acquires SGI

Posted Apr 1, 2009 19:14 UTC (Wed) by kent (guest, #3834) [Link]

Irix was famous for having default accounts installed without password,
e.g. "lp".

See http://www.cert.org/advisories/CA-1995-15.html

Irix also holds the world record for lowest TCP port number
involved in security problems, 1/tcp:

http://www.cert.org/incident_notes/IN-98.01.irix.html

Rackable Systems acquires SGI

Posted Apr 1, 2009 23:53 UTC (Wed) by jd (guest, #26381) [Link]

On the other hand, Trusted Irix was supposed to be one of the better secure OS'. I forget where it came in relationship to Trusted Solaris, but both were B-rated systems. (The only A-rated general-purpose OS I know of was Genesis. The others were all special-purpose.)

Rackable Systems acquires SGI

Posted Apr 2, 2009 11:22 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

This is an Apple / Orange comparison

The A and B ratings you're talking about don't involve actual security, but only certifying to a standard. It is perfectly possible to have gaping holes in your system's security, so long as the design document doesn't call enough attention to them for the audit to notice.

A conscientious developer would obviously want to not only meet the requirements of the standard but also build a system that was secure in practice. But not everyone is conscientious, and those who are may find that they have too few resources and the business prioritises the certification.

As an example, it is not uncommon to find that you can meet the requirements by writing "After installation, the following four pages of instructions must be followed in order to set and enable the access password". The auditors will follow the steps, and sure enough they work. But unfortunately 99% of real world installs will not have these complex steps followed and will remain insecure.

Or you may decide that some of the requirements impose onerous restrictions on development systems, so you provide a simple dip switch which disables key security features. Certified systems have the dip switch unset, but it's shipped set for the convenience of development and testing staff and nobody changes it unless they're explicitly told to do so on a production machine. Even support engineers may set it, and forget to put it back. So in practice again 99% of real world systems are insecure.

Rainbow Books & Security

Posted Apr 3, 2009 0:20 UTC (Fri) by jjs (guest, #10315) [Link]

Actually, at the B & A levels, it was (now they use the Common Criteria) far more than just "audit" (see the books at http://csrc.nist.gov/publications/secpubs/rainbow/ - in particular http://csrc.nist.gov/publications/secpubs/rainbow/std001.txt). The included proving the system, and testing for holes such as covert channels.

Rackable Systems acquires SGI

Posted Apr 2, 2009 13:54 UTC (Thu) by ghamlin (guest, #57789) [Link]

Yes, lots of history there.

Irix had many fine qualities. SGI packaging sensibilities were actually somewhat similar to Redhat in many ways. Most commerical Unixes shipped aweful configuration files. Linux was always better here, IMO. Irix was above average.

However, for all its features. Irix had the worst security of an Unix I can think of.

SUID executables that don't set PATH. 'EZsetup' accounts that were easy to leave enabled by accident. Other odd accounts with default passwords for 'demo software'.

SysV style 'chown give-away' worked. So if you could create a file somewhere you could set the permission and then give it to a user. This leads to all sort of bizarre vulnerabilities when utilities check to see if the file's ownership and permissions are safe before trusting its contents.

However, Irix could be secured. The OS was fairly decent. They just made it a challenge. Basically don't trust anything they wrote with SUID. Remove all their cronjobs and wonder what bizzare 'feature' you broke. :)

They did have some nice features... GL, FAM, XFS. They would periodically show off and set new IO records with their architecture, but they also some fancy techniques to set records that were a bit dodgy that have not been ported elsewhere. (I vaguely recall it was possible to do device-to-device DMA transfers for example)

Really, SGIs were just nice machines not everything they did was polished, but the systems were pleasant and shiny. They have never been smart on the business side however. They failed over and over again. The visual workstations were a failure. They were hurt by the Itanium failure. I was pleased with their Linux work, but I lost a lot of respect for them when they stripped Cray of the T3E and killed that product rather than allow a much cheaper HPC solution to exist. They were not the most common machines to compile software on. Sometimes I would see messages from build scripts like 'Holy crap that worked send me an email at ...' when I would finish building things.

* chown give-away mean root privilege is not require to assign ownership to someone else for example:

$ touch my_gift_to_you
$ chmod 600 my_gift_to_you
$ chown you my_gift_to_you

Rackable Systems acquires SGI

Posted Apr 1, 2009 21:10 UTC (Wed) by cdarroch (guest, #26812) [Link]

How true. Remembering the IRIS 1400 and its Geometry Engine pipeline brings back some fond memories. Sending matrices off to the hardware to be multiplied with a simple set of functions like:

loadmatrix(ctrl);
multmatrix(bezier);
multmatrix(gen);
getmatrix(ctrl);

blew anything one's personal Hercules Graphics Card could do out of the water.

Rackable Systems acquires SGI

Posted Apr 1, 2009 22:19 UTC (Wed) by nix (subscriber, #2304) [Link]

Quite so. One of the greats has passed away, and for shockingly little. I
knew Linux had eaten it alive, but I didn't realise how much of it was
gone.

(My first exposure to Unix was SGI Indigos. Those were wonderful machines.
How are the mighty fallen...)

Rackable Systems acquires SGI

Posted Apr 1, 2009 23:55 UTC (Wed) by jd (guest, #26381) [Link]

It might be an April 1st prank, so be careful. But if SCO has gone, then it was (a) buying Cray and (b) selling Windows clusters that killed it.

Rackable Systems acquires SGI

Posted Apr 2, 2009 1:39 UTC (Thu) by rahvin (subscriber, #16953) [Link]

It was my understanding from last looking at their financials that the sales through the CRAY division were the only thing keeping SGI alive. They got cray for pennies (5million?) and turned around and started building huge multiprocessor machines using their in house MIPS chips. Actually made a number of high profile sales in the tens of millions of dollars range.

Rackable Systems acquires SGI

Posted Apr 2, 2009 0:27 UTC (Thu) by ncm (subscriber, #165) [Link]

Curiously, it has been SGI doing much of the scalability work that is beginning to enable Linux to run usefully on machines with hundreds of processors, even if on SGI they are Itanics.

Rackable Systems acquires SGI

Posted Apr 1, 2009 19:16 UTC (Wed) by BrucePerens (guest, #2510) [Link]

Tell me it's an April Fools prank. Please.

April Fool's?

Posted Apr 1, 2009 22:34 UTC (Wed) by ncm (subscriber, #165) [Link]

It has to be. Who would send out a serious press release today? But I couldn't find any clues in the press release. If it's not real, it's masterful in its subtlety. The only better buyer would be Sega.

April Fool's?

Posted Apr 2, 2009 2:21 UTC (Thu) by MattPerry (guest, #46341) [Link]

> Who would send out a serious press release today?

People without the mentality of a five year old. Not everyone acts like a moron on April 1.

probably not a joke

Posted Apr 5, 2009 11:15 UTC (Sun) by dlang (✭ supporter ✭, #313) [Link]

I recieved the announcement from my Rackable sales rep

so unless they fooled their own people (and didn't send out a correction afterwords), this isn't a joke.

Rackable Systems acquires SGI

Posted Apr 1, 2009 19:58 UTC (Wed) by jengelh (subscriber, #33263) [Link]

For a moment my language recognition seems to have been amiss... at "SGI has announced that it acquired Rackable System Inc. The purchase price is approx $25 mil."

Rackable Systems acquires SGI

Posted Apr 1, 2009 20:03 UTC (Wed) by arekm (subscriber, #4846) [Link]

rackable systems, make CXFS open source!

Rackable Systems acquires SGI

Posted Apr 1, 2009 20:07 UTC (Wed) by lmb (subscriber, #39048) [Link]

From working on the FailSafe project in 2000, I'm quite sure that is unlikely. It was a major pain to ensure that XFS/FailSafe did not violate anyone else's intellectual property and that SGI actually was in a position to Open Source them. I would be surprised if they could complete that exercise for CXFS today.

Rackable Systems acquires SGI

Posted Apr 3, 2009 2:19 UTC (Fri) by stevelord (guest, #53493) [Link]

CXFS only uses Failsafe to distribute configuration information between systems, the original implementation did not use it at all. Then one day a VP level person said, use Failsafe for configuration and CXFS acquired umpteen thousand lines of code to implement a distributed database and a lot of pain. Some folks spent a lot of time updating Failsafe to not use sleeps as a synchronization mechanism to get the performance to acceptable levels.

There is some cool stuff in CXFS, but it was always very complex and extremely hard to deal with inter machine deadlocks. The version which became a product was the simplified version too.

Rackable Systems acquires SGI

Posted Apr 2, 2009 8:29 UTC (Thu) by barryn (subscriber, #5996) [Link]

Am I the only person who thinks the SGI press release is burying the lede? Here's a Bloomberg article that doesn't (IMO): Silicon Graphics Files Bankruptcy With Plans for Sale

BTW, here's the Form 8-K that SGI filed with the SEC regarding this matter. Did anyone else notice this? "The assets to be acquired do not include certain non-core patents, which will be retained by SGI." I don't know if that will have real-world consequences to anyone other than SGI, but it caught my eye nonetheless.

Rackable Systems acquires SGI

Posted Apr 3, 2009 3:43 UTC (Fri) by larry (subscriber, #6023) [Link]

SGI in the '90's was like Google now -- snob-a-roonies. They're nosed were so high they couldn't smell their own poop. I think more than their noses were high.

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds