I have a security-sensitive customer...
David.Collier-Brown at Sun.COM
Thu May 19 14:46:52 GMT 2005
How so? It can do anything root can, it just can't do it
to some process in some other zone or on a filesystem or
network connected only to another zone.
Did you hit a restriction Sun didn't notice? If so
I should open a bug for it.
Andrew Bartlett wrote:
> On Thu, 2005-05-19 at 10:23 -0400, David Collier-Brown wrote:
>> Theoretical trumps practical in this case: these folks
>> arguably ought to be running TS or SEL (Trusted Solaris
>> or Security Enhanced Linux). I'm going to start the
>> Solaris 10 zones discussion next...
> The problem is, that Samba has to be in the 'can do anything' zone.
> Andrew Bartlett
David Collier-Brown, | Always do right. This will gratify
Sun Microsystems, Toronto | some people and astonish the rest
davecb at canada.sun.com | -- Mark Twain
(416) 263-5733 (x65733) |
More information about the samba-technical