While looking for information on the limitpriv resource in Solaris Zones, I happened across this document. It has the only complete listing of what limitpriv means -- and how to modify it -- that I've found.
But wait! There's more! This doc also covers new features in Solaris Zones in update 3, including ones I thought weren't available yet, such as running Linux applications in a so-called branded zone.
I haven't got around to writing a full working demo for Solaris Trusted Extensions yet, but it's worth mentioning now that zones are used in a trusted environment as a means of segregating data. Each zone on a trusted system is assigned a sensitivity label, which applies to all objects within the zone: files, processes, devices, everything. A user or process must then acquire the appropriate clearance label to access any of these objects.
This approach to security differs from what most Unix admins know as discretionary access control (DAC). Trusted systems security relies on mandatory access control (MAC) -- the whole sensitivities and clearances thing. To compound the picture, however, a properly installed trusted system will disallow direct access to the root UID in favor of discrete roles (Security Administrator, System Administrator) that have a specific set of root privileges only. In this way, a proper trusted system is never at the complete disposal of any one person. Furthermore, all people who switch to a root-privileged role are logged. This process is supported through role-based access controls (RBAC), and that's enough AC business to gloss in one night.
Anyway. Zones will get more play in more directions now, much of which will not overlap with other uses. A Trusted System, for example, may only have (sensitivity) labelled zones on it. You can't spawn off zones for fun on such a machine. If you want to put a labelled zone on ZFS, you have to plan ahead a little, too (I'll get to that later). A branded zone will have certain cordons too, or so I imagine. Linux applications don't much pique my interest.

