Steffen Weiberle wrote:

> Is it safe to generalize that non-LOFS file systems in Solaris 10 do not allow cross-zone interaction? procfs does not. namefs does not. tmpfs does not. sockfs does not. doors does not. What about all the others (I can't even name them all)?

Doors can be used in Solaris for cross-zone communication if the rendezvous file is visible in each zone. TX has conditional code to disallow cross-zone doors unless one end is running in the global zone.

TX has a pretty simple rule that no data can be written to by more than one zone because each zone has a unique sensitivity label. This applies to all file system mounts including NFS mounts. There is no equivalent rule for standard Solaris. So if you need to enforce mandatory data flow policies, you probably need TX.

zones-discuss mailing list
