Start with a real minimal build of Solaris, build a sparse zone. The zones then 
take ~200MB. No, its not a CHROOT, but you can chroot apps that support it 
(named) within the zone so that there is absolutely nothing that can be 
accessed if it somehow is broken... but the minimal install should reduce your 
patching requirements and the sparse zone makes it so that IF someone breaks 
in, they can't break "most" of the executables as they are on a read-only 
This message posted from
zones-discuss mailing list

Reply via email to