Start with a real minimal build of Solaris, build a sparse zone. The zones then
take ~200MB. No, its not a CHROOT, but you can chroot apps that support it
(named) within the zone so that there is absolutely nothing that can be
accessed if it somehow is broken... but the minimal install should reduce your
patching requirements and the sparse zone makes it so that IF someone breaks
in, they can't break "most" of the executables as they are on a read-only
filesystem.
--
This message posted from opensolaris.org
_______________________________________________
zones-discuss mailing list
[email protected]
