Creating and Using Oracle® Solaris Zones

Updated: May 2015

Exclusive-Use Devices

You might have devices that you want to assign to specific zones. Allowing unprivileged users to access block devices could permit those devices to be used to cause system panic, bus resets, or other adverse effects. Before making such assignments, consider the following issues:

  • Before assigning a SCSI tape device to a specific zone, consult the sgen(7D) man page.

  • Placing a physical device into more than one zone can create a covert channel between zones. Global zone applications that use such a device risk the possibility of compromised data or data corruption by a non-global zone.