I tried the kill and AFAICT root in the global zone can kill a process
in a non-global zone:

OK.  I must be misremembering this.  I thought the restriction was
more complex than that.

Within the global zone, the ability to kill a process in a non-global
zone is controlled by the "proc_zone" privilege.  Normally, only a user
with all privileges will have this ability unless modified via RBAC.

zones-discuss mailing list

Reply via email to