Solaris zones - checking processes and lofs file system

Hi all,

q1) If i am in a global-zone, is there any command or anyway to check if a particular process in "ps -ef" output is running in which zone ?

q2) if i have created and mount a lofs filesystem/mountpoint for my non-global zone, can i say the following

e.g.
/dev/md/dsk/d60 /data -- globalzone
mkdir -p /data/myzone/newinfo
mount -F lofs /data/myzone/newinfo /zones/myzone/root/data/newinfo

- there is a possibility that users might delete files in the localzone FROM the globalzone
- there is no way in for a localzone to view/delete files from lofs filesystem that belong to the globalzone

right ?

q3) is there anway i can isolate device/harddisk to localzone, so that users in globalzone, is not able to go directly into the filesystem/path to delete folders.
-- to export entire fs to a localzone (add fs set special/set raw etc..)
-- to export endire disk to a localzone (add device / set match)

right ?

Regards,
Noob

Check manual of ps command in solaris, there is -z -Z switches to show zone related process information.

'Users' have no business in global zone, only 'administrators' do.
Global zone will have access to everything in non-global zones if one has root role or user.

As for md devices, just add the device to zone, and reboot the non-global zone.
There are tricks from which you can present a disk (a md device, a raw disk, a fc lun etc.) without reboot on older releases, while newer support this in paper (haven't tried it tho).

Hope that helps
Regards
Peasant.