Darren Moffat on Kernel Zone security

Darren Moffat wrote an interesting blog entry about the security concept of Kernel Zones, “Overview of Solaris Zones Security Models”. In it, he talks about one very small, but very, very interesting detail in particular:

Note that what follows is an outline of implementation details that are subject to change at any time: The kernel of a Solaris Kernel Zone is represented as a user land process in a Solaris non-global zone. That non-global zone is configured with less privilege than a normal non-global zone would have and it is always configured as an immutable zone. So if there happened to be an exploit of the guest kernel that resulted in a VM breakout you would end up in an immutable non-global zone with lowered privilege.