petrben,
Yes that is my question too: "is running in a local zone safer?". That is why I
created this thread.
I was thinking something like this: If someone hacks my WinXP, then he must
bypass VBox. Then he is inside the local zone. Then he must get root access to
the local zone. Then he must b
On 26 Nov 2010, at 10:50 , Orvar Korvar wrote:
> petrben,
> Yes that is my question too: "is running in a local zone safer?". That is why
> I created this thread.
>
> I was thinking something like this: If someone hacks my WinXP, then he must
> bypass VBox. Then he is inside the local zone. Th
On 26 November 2010 10:50, Orvar Korvar wrote:
> petrben,
> Yes that is my question too: "is running in a local zone safer?". That is why
> I created this thread.
Yep and I found your question interesting and want to know more as well.
If you are the only administrator on the machine is there an
So you suspect there is no need to shut down the global NIC, if the zone uses
exclusive IP and it is on a separate subnet and there is no routing between the
zones?
Ok, that is an interesting thought. What do you other people say? In that case
a local zone can not ping (reach) the global zone?
If hacker exploits a bug in the VBox driver and corrupts kernel memory so he
gets into the global zone, then maybe it is safer to not use VBox? And only use
local zones for reaching the outside world? And shutdown the NIC to the global
zone?
--
This message posted from opensolaris.org
_
On 26 November 2010 13:25, Orvar Korvar wrote:
> If hacker exploits a bug in the VBox driver and corrupts kernel memory so he
> gets into the global zone, then maybe it is safer to not use VBox?
If such bug exists then it'll be safer to not use VBox, however, I'm
not aware of any such bug. VBox
how can I ssh into a local zone if the global zone has no outside connection??
you have 2 options. 1. from the global you can simply use zlogin zonename and
ur in. 2. you can add tcp wrappers to the non-global zone to only allow ssh
connections from the global.
> Date: Fri, 26 Nov 2010 04:22: