On 30 March 2017 at 14:46, Bob Friesenhahn <bfrie...@simple.dallas.tx.us> wrote: > Something I see is that with normal Solaris zones, one can provide root > access to a relatively untrusted third-party since everything important can > be locked-down. This approach should currently not be used with LX Zones.
Why is that? There shouldn't be any difference between a native zone and an LX zone with respect to untrusted workloads. The containment model is the same in both cases. Cheers. -- Joshua M. Clulow UNIX Admin/Developer http://blog.sysmgr.org _______________________________________________ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss