If we implement Dan's idea of a percentage for some of the resource
controls we could have physical memory and swap caps default to something like
50%-75% of the system total.  Again, well-behaved zones shouldn't get close
to this (if they do, the system is probably undersized to begin with) but
we can keep a misbehaving zone in check.

Wouldn't this lead to a waste of resources on systems with only one
non-global zone? It may not be the most common setup, but still makes a
lot of sense for a higher level of security.

No, since this is only a cap, not a partitioning of resources, so everything
is still shared.

Because it's a cap, if it's 50% then a single zone that wants to use 6GB of
an 8GB system can't. Even if the global zone (incl. kernel) uses 1GB, 1GB is
wasted.