Hot off the press!

Glenn Brunette and I wrote a Sun BluePrint that explains the security
features of Solaris Zones/Containers:

http://wikis.sun.com/display/BluePrints/Understanding+the+Security+Capabilities+of+Solaris+Zones+Software

Contents

    * Zone Root File System
    * Process Containment
    * Operating System Privileges
          o Default Privileges
          o Required Privileges
          o Prohibited Privileges
          o Optional Privileges
    * Operating System Kernel Modules
    * Operating System Devices
    * Networking
          o Shared IP
          o Exclusive IP
    * Operating System Files
    * Operating System Security Configuration
    * Resource Management
          o Memory Controls
                + Physical and Virtual Memory Capping
                + Shared Memory
                + Locked Memory
          o CPU Controls
                + Fair Share Scheduler
                + CPU Capping
                + Private Pool
                + Shared Pool
          o Miscellaneous Controls
    * File Integrity Checks
    * Security Auditing
    * Solaris Trusted Extensions
    * Summary

-- 
--JeffV
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to