On Mon, Jul 13, 2009 at 12:53 PM, Harry Putnam<rea...@newsguy.com> wrote:
> After reading only a little about zones.. I doubt I really get the
> expected usage one might put a zone to.
> My case is very homespun.... just a home lan with at most... 6
> 1 vista(laptop) 3 winXP 1 linux 1 Opensolaris (2009.6 still using b111)
> I've been mainly a linux user until recently but use 3 winXP machines
> for video and photography processing since I work largely with all Adobe
> tools. I'm more experienced with admin type chores on linux..
> I'm using the Opensol machine for most backup type jobs across the
> lan. Or in cases where the backup may originate on a windows machine
> such as with `Retrospect', the opensol machine is the recipient only.
> I wondered if there would be any advantage to creating a zone where
> only the backup chores were handled, nothing else.
> I can't be sure if that is even the kind of thing one would do with a
> zone, but it seems kind of likely it would be handy to have an area
> where nothing but backup chores were in order.
> Another zone I've thought about would be for nameservice to my home
> lan. Maybe a mail server might be another zone usage.
> I hoped to hear from a few experienced `zones' users about such a usage.
Zones are handy when you need an added degree of isolation. The time
that I could see such a need for typical home usage would be if you
have an internet-facing web server or similar. I would put the web
server in a zone and have my router set up to forward http packets to
that zone. If someone breaks through the web server's security and
gets shell access, they get shell access only to the things that are
on the web server. Presumably the web server zone doesn't have access
to sensitive things, like your tax records.
In a business situation, there are several other use cases.
Longer term, management of zones (e.g. applying software updates)
takes extra effort. As such, I wouldn't break things up into separate
zones any more than makes sense to satisfy your needs.
zones-discuss mailing list