illumos

• After Oracle, OpenSolaris Rises Again - Simon Phipps in InfoWorld: “The result is a collaborative approach to open source that allows virtualization, cloud, and storage technologies to be created and sold without the need to pay “taxes” to a proprietary vendor.”
• Who’s Who in the illumos Community – please add your own bio
• “I wouldn’t feel entirely secure running ZFS on Linux when I could just as easily run SmartOS and get the “real” ZFS.” – HackerNews discussion
• Training from Joyent, including illumos/SmartOS Internals

http://www.kb.cert.org/vuls/id/649219: ”A ring3 attacker may be able to specifically craft a stack frame to be executed by ring0 (kernel) after a general protection exception (#GP). The fault will be handled before the stack switch, which means the exception handler will be run at ring0 with an attacker’s chosen RSP causing a privilege escalation. ”

From Robert Mustacchi: ”All, illumos is affected by this. We have landed a fix for this in illumos with hg changeset: 13724:7740792727e0 and issue id 2873. When returning from a system call we have a ‘fast’ path and a ‘slow’ path. Things that send us into the … Continue Reading

In the “oldies but goodies” department, 2.5 hours of Jeff Bonwick and Bill Moore at the SNIA Software Developers’ Conference, Sept, 2008 – a very thorough foundation on the guts of ZFS. Slides here.

DTrace in the zone ” DTrace is now completely usable in the non-global zone — and all without sacrificing the security model of zones!”