* Bill Sommerfeld <sommerfeld at sun.com> [2007-01-22 14:30]: > I've found a few detail-related issues with this proposal. Overall, I'm > concerned that this case is too large to review as a single fasttrack, > and might have been better presented as several individual fasttracks > over the course of several weeks.
Noted. I am happy to extend the timer on this case, with the short term focus going to 047 and 049. > specific issues: > > wes-1 "printenv", "whoami", and "users" are currently delivered in > solaris in /usr/ucb. Are the versions you propose to deliver > as part of this project upwards-compatible with the /usr/ucb > variants? Unknown at this time. I am not sure that I agree that tools delivered in /usr/bin need to be upwards compatible with a specific environment's implementation, if that environment never delivered its implementations into the default path. > wes-2 With respect to "shred": the limitations of this tool in the > Solaris environment need to be very carefully documented. > I'd like to see it withdrawn from this case to get appropriate > individual scrutiny. Unless further discussion arises, I will amend to withdraw. I assume that this request is similar in spirit to the current non-delivery of GNU su. > wes-3 "sha1sum", "sha224sum", "sha256sum", "sha384sum" and "sha512sum" > are listed as conflicting commands but as far as I can tell > aren't delivered into /usr/bin on solaris. Darren Moffat asked to reserve /usr/bin/sha*sum for future work in the Security Community. As a result, these conflict with "existing or anticipated components" (2007/047, 2.4), and remain only in /usr/gnu. > wes-4 the sha*sum commands (and any other commands delivered by this > project which use cryptographic hashes) should use one of the > existing hash function implementations in Solaris rather than > delivering a new copy. (see libmd(3LIB)). Disagree on economic grounds. The cryptographic functions in the package are Project Private and, at present, deviation would introduce a maintenance cost not borne by other distributions that choose to include these utilities. - Stephen -- Stephen Hahn, PhD Solaris Kernel Development, Sun Microsystems stephen.hahn at sun.com http://blogs.sun.com/sch/
