illumos gate

In a zone

% ppriv $$
786: -bash
flags = <none>
E: basic
I: basic
P: basic
L: basic,contract_event,contract_identity,contract_observer,file_chown,file_chown_self,
file_dac_execute,file_dac_read,file_dac_search,file_dac_write,file_owner,file_setid,ipc_dac_read,
ipc_dac_write,ipc_owner,net_bindmlp,net_icmpaccess,net_mac_aware,net_observability,net_privaddr,
net_rawaccess,proc_audit,proc_chroot,proc_lock_memory,proc_owner,proc_setid,proc_taskid,
sys_acct,sys_admin,sys_audit,sys_ip_config,sys_iptun_config,sys_mount,sys_nfs,sys_ppp_config,
sys_resource

The limit set here is the maximal allowable set in a zone. In the GZ the maximal allowable set has the convenient alias "all", it would be nice if in a zone there was a similar alias (I suspect re-using "all" would be bad), perhaps "all-zoned" or the like.