The questionnaire is attached.

Tom

This message posted from opensolaris.org
-------------- next part --------------
OpenSolaris Security Questionnaire

The following questions have been developed to better understand how a
product intends to leverage the core security capabilities found in
OpenSolaris. It is intended that architectural review committees discuss
the replies with each project team in order to ensure that each project
is adequately using the security features and capabilities at their
disposal. In this way, projects can more completely and consistently
implement security recommended practices, improving the overall quality
of products delivered on OpenSolaris.

Questions:

1.  Is this project compliant with the OpenSolaris Secure by Default
    policy?

        http://www.opensolaris.org/os/community/arc/policies/secure-by-default/

2.  What kinds of source code security checks have been or will be
    performed on the software delivered by this project?

    If the code is being developed using the Sun Studio C compiler, has
    all of the C source code delivered by the project been verified to
    be lint clean using the -errsecurity=core (default) setting?

    If the code is being developed using the GNU C compiler, has all of
    the C source code delivered by the project been cleanly (without
    warnings) compiled using the following GNU C command line options:

        -Wall -Wformat -Wformat-nonliteral -Wformat-security

    For additional information, see:

        Sun Studio 9 New Features and Enhancements: Lint Security Checks
        http://docs.sun.com/source/819-0488/2.html#81723

3.  Have all of the binary programs delivered by the project been
    compiled to have a non-executable stack?

    For additional information, see contents of:

        /usr/lib/ld/map.noexstk

4.  Have all of the software package dependencies been properly
    documented for customers wishing to deploy reduced or minimal
    operating system images?

    For additional information, see:

        Support for Minimized Systems (INFODOC #86177)
        http://sunsolve.sun.com/ (Contract Customers Only)

5.  Have all services delivered by this project been integrated with the
    Service Management Facility (SMF)? If so, is this project compliant
    with the SAC SMF Usage Policy:

        http://www.opensolaris.org/os/community/arc/policies/SMF-policy/

    In particular, see the section titled "Guidance For Delivery of SMF
    Services" in this document for specific information on what security
    related requirements have been defined.

    For additional information, see:

        Restricting Service Administration in the Solaris 10 OS
        http://www.sun.com/blueprints/0605/819-2887.pdf

        Privilege Debugging in the Solaris 10 OS
        http://www.sun.com/blueprints/0206/819-5507.pdf

        Limiting Service Privileges in the Solaris 10 OS
        http://www.sun.com/blueprints/0505/819-2680.pdf

6.  Is it possible to install this project on a Solaris sparse-root
    zone? If yes, must any non-default privileges be granted to the
    sparse-root zone?

    For additional information, see:

        PSARC/2006/124 Configurable Privileges for Zones
        http://www.opensolaris.org/os/community/arc/caselog/2006/124/

7.  Will this project install and operate on a system enabled for
    Solaris Trusted Extensions?

    For additional information, see:

        OpenSolaris Trusted Extensions Project
        http://www.opensolaris.org/os/community/security/projects/tx/

8.  Does the project run [correctly] at multiple single labels when
    Trusted Extensions is enabled?

9.  Does the project run multi-level when Trusted Extensions is enabled?
    If yes, is the project label aware?

    * If yes does it provide an upgrade/downgrade facility?
    * If yes does it audit?
    * Is it label aware for local files?
    * Is it a label aware network service?

10. Does the project need to interact with the Trusted Path when Trusted
    Extensions is enabled? [or must it run only in the Solaris global
    zone]?

11. Have all set-uid command-line programs delivered by this project
    been configured for least privilege (i.e., drop privileges that are
    not needed and bracket use of privilege where appropriate)?

    For additional information, see:

        Privilege Bracketing in the Solaris 10 OS
        http://www.sun.com/blueprints/0406/819-6320.pdf

12. Does this project authenticate Solaris users? If so, is it compliant
    with the SAC Pluggable Authentication Mechanism Policy:

        http://www.opensolaris.org/os/community/arc/policies/PAM/

13. Does this project include commands that must be executed by users
    who must have one or more non-basic privileges? If so, does this
    project deliver a role-based access control (RBAC) rights profile
    specifying which commands must be run with those privileges?

    For additional information, see:

        RBAC in the Solaris Operating Environment
        http://www.sun.com/software/whitepapers/wp-rbac/wp-rbac.pdf

14. Does this project provide or consume cryptographic services? Does
    this project perform encryption, decryption, or calculate message
    digests or message authentication codes? If so, does it integrate
    with the Solaris Cryptographic Framework?

    For additional information, see:

        OpenSolaris Cryptographic Framework Project
        http://www.opensolaris.org/os/community/security/projects/ef/

        BigAdmin XPert Session: Solaris Cryptographic Framework
        http://www.sun.com/bigadmin/xperts/sessions/12_crypt/

15. Does this project generate, use, or manage digital certificates? If
    so, does it integrate with the Solaris Key Management Framework?

    For additional information, see:

        OpenSolaris Key Management Framework Project
        http://www.opensolaris.org/os/project/kmf/

16. Is this project compliant with the SAC Solaris Audit Policy?

        http://www.opensolaris.org/os/community/arc/policies/audit-policy/

    For additional information, see:

        OpenSolaris Audit Project
        http://opensolaris.org/os/project/audit/
