James Carlson wrote:
Enda o'Connor - Sun Microsystems Ireland - Software Engineer writes:
  
What is the impact on the use of non-global zones and trusted Solaris?

i.e. if I install trusted Solaris, are there any restrictions on the use 
of non-global zones, expecially with respect to networking?
    

In effect, you can't use any independent zones on a Solaris system
with TX (Trusted Extensions) installed.

Each zone on a TX system represents a security label.  The system as a
whole (the global zone and _all_ of the non-global zones) appears as a
unified system with multiple labels to the user.  This means that
zones on a TX system are essentially an implementation detail, and
can't be used to create independent Solaris environments.

  
Hi James
Thanks for the info.
Wasn't aware of this, actually not that familiar with TX overall.

I was looking at a box this am that was setup with this scenario, and the non-global zones were apparently not able to see outside the box, they could ping the global etc, but nothing else.
Guess that explains that then, need to familarise myself with TX.

Enda


_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
  • [zones-discus... Enda o'Connor - Sun Microsystems Ireland - Software Engineer
    • Re: [zon... James Carlson
      • Re: ... Enda o'Connor - Sun Microsystems Ireland - Software Engineer
        • ... James Carlson
          • ... Enda o'Connor - Sun Microsystems Ireland - Software Engineer
      • Re: ... Jarrett Lu

Reply via email to