Juan Madrigal wrote:
Which has the better implementation? Featureset and Security wise?
OpenSolaris Zones, FreeBSD Jails, or VServer/OpenVZ
I'm looking for a really good comparison and haven't found much.
Either zones-discuss@ or security-discuss@ are better places unless you
really are asking about code quality.
Define Better ?
I don't know anything about VServer/OpenVZ but OpenSolaris Zones are
very feature rich and are very tighly integrated with the very rich
OpenSolaris resource control framework.
Form a security view point my last look at Jails verus Zones would put
Zones out on top for a number of reasons the key one being that Zones
are tighly integrated with the OpenSolaris privileges(5) system and run
with less privilege (the set of which can be configured).
The Solaris 10 binaries for Zones have also being Common Criteria
evaluated to EAL4+ for CAPP RBACPP and LSPP (when Zones are used for
Mandatory Access Control labeling ie Trusted Extensions are configured).
Does that mean they are better ? Not necessarily it depends on what
matters to you and what better means to you.
--
Darren J Moffat
_______________________________________________
opensolaris-code mailing list
opensolaris-code@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
