buffer overflows, non-x86 architectures (Re: Which Red Hat?)

Tue Feb 18 13:07:19 PST 2003

Quoting J C Lawrence (claw at kanga.nu):
> On Mon, 17 Feb 2003 21:54:34 -0800 Rick Moen <rick at linuxmafia.com> wrote:
> > Quoting J C Lawrence (claw at kanga.nu):
> >> SGI Indy's (the purple mini-towers) also tend to be readily available
> >> and extra NICs for them are cheap enough.
> 
> > I've seen those around, and wouldn't mind having one.  
> 
> They seem to come on the market in spurts.  Indigo2s may be more readily
> available now as the Indys fall wayback in age.

I've used Irix since 3.x.  I have a couple Indy's here.  I
*like* SGI; I've pushed for them hard at resistant companies
and I've used them at post production (film/tv) houses.

Again, I like SGIs machines; I hate that the (used to) sell
proprietary $$$$ RAM and kept costs for users very high.
Extra costs for NFS, eg., even in 5.x kept them out of a very
large bank I worked at because it was one of a list of things
that irked us a lot.  (and a test buy - a presentor - that died
and needed 4 MONTHS to get fixed was the nail in that coffin).

When I was working with trading floor Sun's (SunOS 4) and DECs
(ultrix/OSF1) a lot and admiring the solidity with Ultrix uptimes
exceeding 500 days of several machines, a friend offered that
working with the SGI's was a lot like working with dragsters and
race cars.  You worked on them, got them set for a run and, man!,
nothing was faster.  The Sun's and DECs were nice trucks and busses
that didn't go fast, but always chugged along.

Like the hardware, like Irix.

But I have to say Irix is the last OS I'd put on a machine that
needed to be secure.  It's lovely and aimed for user friendliness
and at speed.  It's history is long with security holes. So fine,
they live behind a firewall.  [hell, we put dedicated firewalls
in front of Tandems that never crashed, but offered ZERO way to
restrict access to them].

It's also questionable whether a desktop SGI wants to be
a home firewall in California.  They run REALLY hot and suck
power.  Their case design, I swear, seems to be built it until
it catches fire, then take that last item out.

A friend starts using his Indigo when his home office is cold.

AS for non-x86, yes, when a BIND buffer attack hit the net, I was
away.  I was amused to find named.cores but not too concerned that
the kiddies were overflowing my buffers with MIPS code.
A watcher just restarted named (chrooted, anyhow).