The Oracle VM Server for SPARC software is a virtualization product that permits multiple Oracle Solaris virtual machines (VMs) to run on one physical system, each with its own Oracle Solaris 10 or Oracle Solaris 11 OS installed. Each VM is also called a logical domain. Domains are independent instances and can run different versions of the Oracle Solaris OS as well as different application software. For example, domains might have different package revisions installed, different services enabled, and system accounts with different passwords. See Oracle Solaris 10 Security Guidelines and Oracle Solaris 11 Security Guidelines for information about Oracle Solaris security.
The ldm command invokes the Logical Domains Manager and must be run on the control domain to configure domains and to retrieve state information. Limiting access to the control domain and to the ldm command is critical for the security of the domains that run on the system. To limit access to domain configuration data, use the Oracle VM Server for SPARC security features such as Oracle Solaris rights for consoles and solaris.ldoms authorizations. See Logical Domains Manager Profile Contents in Oracle VM Server for SPARC 3.1 Administration Guide .
The Oracle VM Server for SPARC software uses the following security features:
The security features that are available in the Oracle Solaris 10 OS and the Oracle Solaris 11 OS are also available on domains that run the Oracle VM Server for SPARC software. See Oracle Solaris 10 Security Guidelines and Oracle Solaris 11 Security Guidelines .
The Oracle Solaris OS security features can be applied to the Oracle VM Server for SPARC software. For comprehensive information about ensuring Oracle VM Server for SPARC security, see Security in a Virtualized Environment and Defending Against Attacks.
The Oracle Solaris 10 OS and the Oracle Solaris 11 OS include security fixes that are available for your system. Obtain Oracle Solaris 10 OS fixes as security patches or updates. Obtain Oracle Solaris 11 OS fixes as Support Repository Updates (SRUs).
For information about how to limit access to the Oracle VM Server for SPARC administration commands and domain consoles, and to enable the Oracle VM Server for SPARC auditing feature, see Chapter 3, Oracle VM Server for SPARC Security, in Oracle VM Server for SPARC 3.1 Administration Guide .