Vasiliy wrote: > What if we introduce zones similar to sparceroot zones which will share not > only /usr but everything exept user area or some user are, this way it will > be loghtweigh and only use isolation from existing zones. We may call it > software domain zones.
Isn't this effectively what $HOME already is? Everything is read-only except for $HOME and /tmp, runs on the same kernel, shares the same networking configuration, etc etc. You *are* the "root" user, relative to your $HOME. -jhf-
