Solaris Zones from a security standpoint

Glenn Brunette and Jeff Victor published an interesting document about Solaris Zones with the Blueprint “Understanding the Security Capabilities of Solaris Zones Software”:

So why does the world need yet another article about Solaris Zones? Simple. Most publications and sites focus on the consolidation benefits of Solaris Zones. While server and service consolidation is a key use case for Solaris Zones, there is so much more to the technology. Other materials focus on system administration practices related to configuration, installation, management, and troubleshooting. This is incredibly useful information, but there is still an important gap. Namely, many people do not have a full appreciation of the security benefits enabled by Solaris Zones, and sparse root zone configurations more specifically.

Definitely a must-read document!