Thanks for the feedback! Made a few changes, will continue to update as I get my head around this.
On Mar 5, 2007, at 5:54 PM, Jan Parcel wrote: > Wow, great intro! Especially what NOT to do. > > I'm a little concerned about the wording > > "Trusted Extensions takes the concept of a local-zone and puts a > clearance > framework around it." > > This is so clear, I'd hate to ruin it, but putting a clearance > framework > around it isn't all that was done -- a "clearance umpire" was inserted > and that means the zones actually communicate MORE than Solaris > zones do, to > coordinate with the "umpire." In other words, they changed zone > behavior > in more ways than just wrapping it -- IIRC, it means you can't > (yet, anyway) > do "branded zones" or some of the other things that are normally done > with zones in Solaris -- I think a per-zone naming service is one > of the > other things you can't (or at least shouldn't) do. I don't have a > list. > > I suspect the experts will hate the "umpire" example, maybe they can > think of something better. > > >> Date: Thu, 01 Mar 2007 17:53:02 -0500 >> From: Robert Bailey <robert.bailey at mac.com> >> Subject: [security-discuss] Idiot's Guide to TX >> To: security-discuss at opensolaris.org >> Delivered-to: security-discuss at opensolaris.org >> X-Original-To: security-discuss at opensolaris.org >> X-Brightmail-Tracker: AAAAAA== >> X-Brightmail-scanned: yes >> List-Unsubscribe: > <http://mail.opensolaris.org/mailman/listinfo/security-discuss>, > <mailto:security-discuss-request at opensolaris.org?subject=unsubscribe> >> List-Id: OpenSolaris Security Discussions <security- >> discuss.opensolaris.org> >> >> Folks, >> >> I'm attempting to put together an idiots guide to TX. Mostly taking >> lessons learned the hard way, and using common (SA) english instead >> of the NSA version ;) >> >> http://web.mac.com/robert.bailey/iWeb/Fun%20in%20the%20Sun/Trusted% >> 20Extensions/42C89DE4-67A3-4338-BA50-0CF38C9D970E.html >> >> http://web.mac.com/robert.bailey also contains regular zone >> migration, general security tips and VCS with zones info. If >> interested. >> >> Thoughts, commends, "that ain't even close"'s are all welcome. >> >> Thanks >> Bob >> _______________________________________________ >> security-discuss mailing list >> security-discuss at opensolaris.org >
