This case is now closed/approved as all issues have been addressed and it has timed out.
Thanks Margot Margot Miller wrote: > All, > > I am sponsoring the following fast track for Ken. Timeout is > THURSDAY Nov 20th. Requesting patch binding. Man pages > are in the case directory. > > Below is the proposal and FOSS checklist. > > Thanks > Margot > > ---------------------------------------------------------------------------------------------------------- > > > > Template Version: @(#)sac_nextcase 1.66 04/17/08 SMI > This information is Copyright 2008 Sun Microsystems > 1. Introduction > 1.1. Project/Component Working Name: > sox > 1.2. Name of Document Author/Supplier: > Author: Ken Erickson > 1.3 Date of This Document: > 30 October 2008 > 2. Project Summary > 2.1. Project Description > > This project delivers the sox package, version 14.0.1, > an audio file conversion and sound effects utility. > 4. Technical Description > > sox (SOund eXchange) is a command line utility, and an associated > set of library routines, which convert many different digital > audio formats, and can process audio files to add various > sound effects. > 5. Interfaces > > Exported interface > Classification Interface type > =============================== ============== ============== > SUNWsound-exchange > Uncommitted Package name > /usr/bin/sox > Uncommitted command > > /usr/include/sox.h > Uncommitted header > /usr/include/soxsdtint.h > Uncommitted header > /usr/lib/libsox.so.0.0.0 > Uncommitted library > > /usr/lib/libsox.so.0 > Uncommitted symlink > /usr/lib/libsox.so > Uncommitted symlink > /usr/lib/libsfx.so.0.0.0 > Uncommitted library > /usr/lib/libsfx.so.0 > Uncommitted symlink > > /usr/lib/libsfx.so > Uncommitted symlink > /usr/lib/sox > Uncommitted directory > /usr/lib/sox/*.so.0.0.0 > Project Private conversion libraries > > > > 5a. Manpages > > /usr/share/man/man1/sox.1 Uncommitted manpage > /usr/share/man/man3/libsox.3 Uncommitted manpage > /usr/share/man/man4/soxformat.4 Uncommitted manpage > /usr/share/man/man5/soxeffect.5 Uncommitted manpage > /usr/share/man/man5/soxexam.5 Uncommitted manpage > > 6. Resources and Schedule > 6.4. Steering Committee requested information > 6.4.1. Consolidation C-team Name: > SFW > 6.5. ARC review type: FastTrack > 6.6. ARC Exposure: open > > ---------------------------------------------------------------------------------------------------------- > > > FCL--FOSS Check List > 1.0 Project Information > 1.1 Name of project/component > > sox > > 1.2 Author of document > > Ken Erickson > > 2.0 Project Summary > 2.1 Project Description > > 2.2 Release binding > What is is the release binding? > (see > http://opensolaris.org/os/community/arc/policies/release-taxonomy/) > [ ] Major > [ ] Minor > [ X] Patch or Micro > [ ] Unknown -- ARC review required > > 2.3 Type of project > Is this case a Linux Familiarity project? > [ ] Yes > [ x] No > > 2.4 Originating Community > 2.4.1 Community Name > 2.4.2 Community Involvement > Indicate Sun's involvement in the community > [ ] Maintainer > [ ] Contributor > [ x] Monitoring > Will the project team work with the upstream community to resolve > architectural issues of interest to Sun? > [ x] Yes [ ] No - briefly explain > Will we or are we forking from the community? > [ ] Yes - ARC review required prior to forking > [ x] No > > 3.0 Technical Description > 3.1 Installation & Sharable > 3.1.1S Solaris Installation - section only required for Solaris > Software > (see > http://opensolaris.org/os/community/arc/policies/install-locations/ > for details) > Does this project follow the Install Locations best practice? > [ x] Yes [ ] No - ARC review required > Does this project install into /usr under > [sbin|bin|lib|include|man|share]? > [ x] Yes > [ ] No or N/A > Does this project install into /opt? > [ ] Yes - explain below > [ ] No or N/A > Does this project install into a different directory structure? > [ ] Yes - ARC review required > [ ] No or N/A > Do any of the components of this project conflict with anything > under /usr? > (see http://opensolaris.org/os/community/arc/caselog/2007/047/ > for details) > [ ] Yes - explain below > [ x] No > If conflicts exist then will this project install under /usr/gnu? > [ ] Yes > [ ] No - ARC review required > [ ] N/A > Is this project installing into /usr/sfw? > [ ] Yes - ARC review required > [ ] No > 3.1.1W Windows Installation - section only required for Windows > Software > (see http://sac.sfbay/WSARC/2002/494 for details) > Does this project install software into a <system > drive>:\Program Files\Sun\<product> or <system drive>:\Sun\<product> > directory? > [ ] Yes > [ ] No - ARC review required > Does the project use the Windows registry? > [ ] Yes > [ ] No - ARC review required > Does the project use HKEY_LOCAL_MACHINE\SOFTWARE\Sun > Microsystems\<product>\<version> > for the registry key? > [ ] Yes > [ ] No - ARC review required > Is the project's stored location > HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product > id>\<version id>\Path? > [ ] Yes > [ ] No - ARC review required > > 3.1.2 Share and Sharable > Does the module include any components that are used or shared by > other projects? > [ ] Yes > [ x] No > If yes are these components packaged to be shared with the other > FOSS? > [ ] Yes > [ ] No - ARC review required > [ ] N/A > Are these components already in the Solaris WOS? > [ ] Yes > [ ] No - continue with next section (section 3.2) > If yes are these newer versions being delivered? > [ ] Yes > [ ] No - ARC review required > If yes are the newer versions replacing the existing versions? > [ ] Yes > [ ] No - ARC review required > > 3.2 Exported Libraries > Are libraries being delivered by this project? > [ x] Yes > [ ] No - continue with next section (section 3.3) > Are 64-bit versions of the libraries being delivered? > [ ] Yes > [ x] No - ARC review required > Are static versions of the libraries being delivered? > [ ] Yes - ARC review required > [x ] No > 3.3 Services and the /etc Directory > (see http://opensolaris.org/os/community/arc/policies/SMF-policy/) > Does the project integrate anything into /etc/init.d or /etc/rc?.d? > [ ] Yes - ARC review required > [ x] No > Does the project integrate any new entries into /etc/inittab or > /etc/inetd.conf? > [ ] Yes - ARC review required > [ x] No > Does the project integrate any private non-public files into > /etc/default > or /etc/ configuration files? > [ ] Yes - ARC review required > [ x] No > Does the service manifests method context grant rights above that > of the noaccess user and basic privilege set? > [ ] Yes - ARC review required > [ x] No > > 3.4 Security > 3.4.1 Secure By Default (see > http://opensolaris.org/os/community/arc/policies/secure-by-default/ > for details) > (see > http://www.opensolaris.org/os/community/arc/policies/NITS-policy/ for > details) > (see parts of > http://opensolaris.org/os/community/arc/policies/SMF-policy/ for > addtional details) > Are there any network services provided by this project? > [ ] Yes > [ x] No - continue with the next section (section 3.4.2) > Are network services enabled by default? > [ ] Yes - ARC review required > [ ] No > [ ] N/A > Are network services automatically enabled by the project during > installation? > [ ] Yes - ARC review required > [ ] No > [ ] N/A > Are inbound network communications denied by default? > [ ] Yes > [ ] No - ARC review required > [ ] N/A > Is inbound data checked to prevent content-based attacks? > [ ] Yes > [ ] No - ARC review required > [ ] N/A > Is the outbound receiver authenticated? > [ ] Yes > [ ] No - ARC review required > [ ] N/A > Is the receiver authenticated prior to receiving any sensitive > outbound communication? > [ ] Yes > [ ] No - ARC review required > [ ] N/A > > 3.4.2 Authorization > (see > http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and > > http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ and > > http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ > for details) > Are there any setuid/setgid privileged binaries in the project? > [ ] Yes - ARC review required > [ x] No - continue with next section (section 3.4.3) > If yes then are the setuid/setgid privileges handled by the use > of roles? > [ ] Yes > [ ] No - ARC review required > > 3.4.3 Auditing > (see > http://opensolaris.org/os/community/arc/policies/audit-policy/ for > details) > (see http://opensolaris.org/os/community/arc/caselog/2003/397 for > details) > Does this component contain administrative or security enforcing > software? > [ ] Yes - ARC review required > [ x] No - continue to next section (section 3.4.4) > (see > http://opensolaris.org/os/community/arc/caselog/2003/397 for details) > Do the components create audit logs detailing what took place > including what event > took place, who was involved, when the event took place? > [ ] Yes - ARC contract and Audit project team review required > [ ] No - ARC review required > 3.4.4 Authentication > (see http://opensolaris.org/os/community/arc/policies/PAM/) > Do the components contain any authentication code? > [ ] Yes > [ x] No - continue to next section (section 3.4.5) > If yes do the components use PAM (plugable authentication > modules) for authentication? > [ ] Yes > [ ] No - ARC review required > If yes is a single PAM session maintained during authentication? > [ ] Yes > [ ] No - ARC review required > If yes are the components sufficiently privileged to allow the > requested operations (authentication, password change, process > credential manipulation, audit state initialization)? > [ ] Yes - briefly describe below > [ ] No - ARC review required > > 3.4.5 Passwords > (see > http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/ and > > http://opensolaris.org/os/community/arc/bestpractices/passwords-files/ > for details) > Do any of the components for the project deal with passwords? > [ ] Yes > [ x] No - continue to next section (section 3.4.6) > If yes are these passwords entered via the CLI or environment? > [ ] Yes - ARC review required > [ ] No > Are passwords stored within the file system for the component? > [ ] Yes > [ ] No - continue to next section (section 3.4.6) > If yes are the permissions on the file such to protect exposing > the password(s)? > [ ] Yes > [ ] No - ARC review required > > 3.4.6 General Security Questions > (see > http://opensolaris.org/os/community/arc/bestpractices/security-questions/ > for details) > Are there any network protocols used by this project? > [ ] Yes > [ x] No - continue with the next section (section 3.5) > Do the components use standard network protocols? > [ ] Yes > [ ] No - ARC review required > Do network services for the project make decisions based upon > user, host or service > identities? > [ ] Yes - explain below > [ ] No > [ ] N/A > Do the components make use of secret information during > authentication and/or > authorization? > [ ] Yes - explain below > [ ] No > [ ] N/A > > 3.5 Networking > Do the components access the network? > [ ] Yes > [ x] No - continue with the next section (section 3.6) > If yes do the components support IPv6? > [ ] Yes [ ] No - ARC review required > > 3.6 Core Solaris Components > Do the components of this project compete with or duplicate core > Solaris components? > [ ] Yes - ARC review required > [ x] No Examples of Core Solaris Components include but > are not limited to: > Secure By Default > Authorizations > PAM -- Plugable Authentication Module > Privilege > PRM -- Process Rights Management -- Privilege > Audit > xVm -- Virtualization > zones / Solaris Containers > PRM -- Process Rights Management > RBAC -- Role Based Access Control > TX / Trusted Extensions > ZFS > SMF -- Service Management Facility > FMA -- Fault Management Architecture > SCF -- Smart Card Facility > IPsec > 4.0 Interfaces > (see > http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/ > for details) > > See Fast Track > > >
