James Carlson wrote:
Hi JamesEnda o'Connor - Sun Microsystems Ireland - Software Engineer writes:What is the impact on the use of non-global zones and trusted Solaris?i.e. if I install trusted Solaris, are there any restrictions on the use of non-global zones, expecially with respect to networking?In effect, you can't use any independent zones on a Solaris system with TX (Trusted Extensions) installed. Each zone on a TX system represents a security label. The system as a whole (the global zone and _all_ of the non-global zones) appears as a unified system with multiple labels to the user. This means that zones on a TX system are essentially an implementation detail, and can't be used to create independent Solaris environments.
Thanks for the info.
Wasn't aware of this, actually not that familiar with TX overall.
I was looking at a box this am that was setup with this scenario, and the non-global zones were apparently not able to see outside the box, they could ping the global etc, but nothing else.
Guess that explains that then, need to familarise myself with TX.
Enda
_______________________________________________ zones-discuss mailing list zones-discuss@opensolaris.org
