Re: OS Partitioning and security

From: Casper H.S. Dik (Casper.Dik_at_Sun.COM)
Date: 02/29/04


Date: 29 Feb 2004 12:07:12 GMT


"Tsvi Gad" <tsiky@mail.com> writes:

>I am looking for information about the following issue:
>A client I work for is going to use a single hardware for the Development
>and Production servers by using the machine ability of OS Partitioning. It
>means that every OS has its own hardware exept the bus that is common.
>The problem is that for security reasons there is a need to seperate the two
>servers and it also has different sets of data.
>I am sure every vendor will confirm that kind of architecture as safe but my
>guts says otherwise.

It depends very much on the type of hardware; e.g., on a Sun starfire,
(E10K) the bus is not visible because the crossbars between domains
are simply not used when the domains are separated (the buses which are
used inside the domains are physically seperated from the others)
This is also true for the newer systems; the system controller, a separate
system, has control over the configuration of the buses but the
domains themselves do not.

In the end it all depends on the specific hardware you use.

Casper

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.