On Fri 03 Oct 2008 at 03:27PM, Nick Kew wrote: > In normal operation, copy-on-write gives us this model for free. > Does copy-on-write work across a zone_enter()?
Yes. > In the past, we've had some efforts to improve separation, based on > worker children running under different user IDs. See for example > the perchild MPM at apache.org. There's a lot of demand for > perchild-like solutions, but no really satisfactory solution. > > My proposal is to provide an option whereby worker children perform > a zone_enter before accepting connections or reading application- > sensitive data. This of course assumes apache is started up in the > root zone. Each zone will be the home for one or more virtualhost. > It should be possible for zones to have different sizes (numbers of > worker threads) and bandwidths (through crossbow), and other > customisations. But the primary purpose - and I believe a huge > selling-point - is the increased security of this virtualisation. > > Is there anywhere I can get the programmer documentation to get > started on this work, beyond dabbling blindly with examples found > on the 'net? Nick, I think this is an interesting idea, but I must caution you that zone_enter(2) isn't a public API, and using it correctly is truly non-trivial. One thing I don't really understand about your solution is what economy it achieves. That is to say, why not run an apache instance per-zone? If you like we can chat offline by phone sometime about this. -dp -- Daniel Price - Solaris Kernel Engineering - [EMAIL PROTECTED] - blogs.sun.com/dp _______________________________________________ zones-discuss mailing list email@example.com