On Mon, Apr 12, 2010 at 07:42:23AM -0700, Ben wrote: > > A kernel panic is a kernel panic is a kernel panic. :-) > > > > So if an app crashes the complete zone, chances are it will crash the > > entire box. After all, it's only one Solaris kernel running. > > Out of curiosity then, how much I induce a kernel panic? Now I've > gotten this far into my investigation, I need to prove, or dis-prove > that zones will all more stability. If I can induce a kernel panic I > can say that my initial thought was incorrect.
Whenever a user-land program running in a non-gz zone can cause a kernel panic we consider that a high priority security bug. (An unprivileged user-land programm running in the g-z should also not be able to cause a kernel panic. But a privileged one could always load a kernel module that will call panic(), or use the DTrace destructive action panic().) Nico -- _______________________________________________ zones-discuss mailing list email@example.com