Restriction on Accessing a Non-Global Zone From the Global Zone

After a non-global zone is installed, the zone must never be accessed directly from the global zone by any commands other than system backup utilities. Moreover, a non-global zone can no longer be considered secure after it has been exposed to an unknown environment. An example would be a zone placed on a publicly accessible network, where it would be possible for the zone to be compromised and the contents of its file systems altered. If any compromise could have occurred, the global administrator should treat the zone as untrusted.

Any command that accepts an alternative root by using the -R or -b options (or the equivalent) must not be used when the following are true:

  • The command is executed in the global zone.

  • The alternative root refers to any path within a non-global zone, whether the path is relative to the current running system's global zone or the global zone in an alternative root.

An example is the pkgadd -R root-path command when run from the global zone with a non-global zone root path.

  • Commands that use -R with an alternative root path include auditreduce, metaroot, pkg, and syseventadm.

  • Commands that use -b with an alternative root path include add_drv and useradd.
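
As an added illustration (not part of the original documentation), the following shell functions check whether an alternative root passed with -R or -b falls inside a non-global zone's zonepath, including the case where the global zone itself is mounted under an alternative root. The zone names and paths are constructed sample data in `zoneadm list -cp` format, and the function names are hypothetical.

```shell
# Constructed sample in `zoneadm list -cp` format (zoneid:zonename:state:zonepath:...).
# On a live system use: ZONE_LIST=$(zoneadm list -cp)
ZONE_LIST='0:global:running:/::solaris:shared
1:web01:running:/zones/web01:constructed-uuid-1:solaris:excl
-:db01:installed:/zones/db01:constructed-uuid-2:solaris:excl'

# Lexically normalise an absolute path (//, ".", ".."); symlinks are not resolved.
normalize_path() {
    np_out=; np_ifs=$IFS; IFS=/; set -f
    for np_part in $1; do
        case $np_part in
            ''|.) ;;
            ..)   np_out=${np_out%/*} ;;
            *)    np_out=$np_out/$np_part ;;
        esac
    done
    set +f; IFS=$np_ifs
    printf '%s\n' "${np_out:-/}"
}

# Print the non-global zone whose zonepath contains $1 and return 0, else return 1.
# $2 (optional) is an alternative root under which a global zone is mounted.
zone_owning_path() {
    zp_target=$(normalize_path "$1")
    while IFS=: read -r zp_id zp_name zp_state zp_path zp_rest; do
        [ "$zp_name" = global ] && continue
        for zp_base in "$zp_path" "${2:-/}/$zp_path"; do
            zp_base=$(normalize_path "$zp_base")
            case $zp_target/ in
                "$zp_base"/*) printf '%s\n' "$zp_name"; return 0 ;;
            esac
        done
    done <<EOF
$ZONE_LIST
EOF
    return 1
}

# Return 1 if a "-R path" or "-b path" argument pair points into a non-global zone.
check_altroot_args() {
    while [ $# -ge 2 ]; do
        if { [ "$1" = -R ] || [ "$1" = -b ]; } && ca_zone=$(zone_owning_path "$2"); then
            echo "refusing: $1 $2 is inside non-global zone $ca_zone" >&2
            return 1
        fi
        shift
    done
    return 0
}
```

The match is on whole path components, so a sibling directory such as /zones/web010 is not mistaken for the web01 zone. Because normalisation is lexical only, resolve symbolic links in the argument before calling the check on a real system.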