Nergal Dimitri wrote:
If I have some special device like a signaling card, can this card be used from
a zone without any restrictions? And if there are restrictions, can the global
administrator change these restrictions to allow the use of it, even if it
breaks the zones security rules?


That depends on what the software wants to do to that device, and when you want to implement it, as follows.

You can assign the device into the zone. At that point software which does not need root privileges can do the "normal" things a non-root process can do, e.g. open it, read from it, write to it, close it, etc.

If the software does things which normally require root privileges, you may need to wait until Solaris 10 delivers the ability to give special privileges to zones. I believe that this ability will begin to arrive in Solaris 10 later this year.

Perhaps someone else on this list can be more specific about the last paragraph.


--------------------------------------------------------------------------
Jeff VICTOR              Sun Microsystems            jeff.victor @ sun.com
OS Ambassador            Sr. Technical Specialist
Solaris 10 Zones FAQ:    http://www.opensolaris.org/os/community/zones/faq
--------------------------------------------------------------------------
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to