Luke Scharf wrote:
Why not just run a userland NFS daemon in the zones -- and follow the existing security model?


That makes all of the security model questions fall away --

Would you clarify that? I don't know how NFS works, but it seems to me that the security enforcement components should be performed in the kernel where there is better protection. That doesn't preclude the rest from living in userland.


--------------------------------------------------------------------------
Jeff VICTOR              Sun Microsystems            jeff.victor @ sun.com
OS Ambassador            Sr. Technical Specialist
Solaris 10 Zones FAQ:    http://www.opensolaris.org/os/community/zones/faq
--------------------------------------------------------------------------
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to