I am sponsoring the following Fast Track for Bill Schoofs. The project
requests
a minor release binding. All submitted materials are in the case directory.
--
1.0 Project Information
1.1 Name of project/component
libmikmod
1.2 Author of document
Bill Schoofs
2.0 Project Summary
2.1 Project Description
The MikMod sound library is an excellent way for a programmer to add
music and sound effects to an application. It is a powerful and flexible
library, with a simple and easy-to-learn API.
2.2 Release binding
What is is the release binding?
(see
http://opensolaris.org/os/community/arc/policies/release-taxonomy/)
[ ] Major
[X] Minor
[ ] Patch or Micro
[ ] Unknown -- ARC review required
2.3 Originating Community
2.3.1 Community Name
MikMod - http://mikmod.raphnet.net/
2.3.2 Community Involvement
Indicate Sun's involvement in the community
[ ] Maintainer
[ ] Contributor
[X] Monitoring
Will the project team work with the upstream community to resolve
architectural issues of interest to Sun?
[X] Yes
[ ] No - briefly explain
Will we or are we forking from the community?
[ ] Yes - ARC review required prior to forking
[X] No
3.0 Technical Description
3.1 Installation & Sharable
3.1.1S Solaris Installation - section only required for Solaris Software
(see
http://opensolaris.org/os/community/arc/policies/install-locations/ for
details)
Does this project follow the Install Locations best practice?
[X] Yes
[ ] No - ARC review required
Does this project install into /usr under
[sbin|bin|lib|include|man|share]?
[X] Yes
[ ] No or N/A
Does this project install into /opt?
[ ] Yes - explain below
[X] No or N/A
Does this project install into a different directory structure?
[ ] Yes - ARC review required
[X] No or N/A
Do any of the components of this project conflict with anything
under /usr?
(see http://opensolaris.org/os/community/arc/caselog/2007/047/ for
details)
[ ] Yes - explain below
[X] No
If conflicts exist then will this project install under /usr/gnu?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is this project installing into /usr/sfw?
[ ] Yes - ARC review required
[X] No
3.1.1W Windows Installation - section only required for Windows Software
(see http://sac.sfbay/WSARC/2002/494 for details)
Does this project install software into a
<system drive>:\Program Files\Sun\<product> or <system
drive>:\Sun\<product>
directory?
[ ] Yes
[ ] No - ARC review required
Does the project use the Windows registry?
[ ] Yes
[ ] No - ARC review required
Does the project use
HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product>\<version>
for the registry key?
[ ] Yes
[ ] No - ARC review required
Is the project's stored location
HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product id>\<version
id>\Path?
[ ] Yes
[ ] No - ARC review required
3.1.2 Share and Sharable
Does the module include any components that are used or shared by
other projects?
[ ] Yes
[X] No
3.2 Libraries
Are 64-bit libraries being delivered?
[X] Yes
[ ] No - ARC review required
Are static versions of the library being delivered?
[ ] Yes - ARC review required
[X] No
3.3 Services and the /etc Directory
(see http://opensolaris.org/os/community/arc/policies/SMF-policy/)
Does the project integrate anything into /etc/init.d or /etc/rc?.d?
[ ] Yes - ARC review required
[X] No
Does the project integrate any new entries into /etc/inittab or
/etc/inetd.conf?
[ ] Yes - ARC review required
[X] No
Does the project integrate any private non-public files into
/etc/default
or /etc/ configuration files?
[ ] Yes - ARC review required
[X] No
Does the service manifests method context grant rights above that
of the noaccess user and basic privilege set?
[ ] Yes - ARC review required
[X] No
3.4 Security
3.4.1 Secure By Default
(see
http://opensolaris.org/os/community/arc/policies/secure-by-default/ for
details)
(see
http://www.opensolaris.org/os/community/arc/policies/NITS-policy/ for
details)
(see parts of
http://opensolaris.org/os/community/arc/policies/SMF-policy/ for
addtional details)
Are network services enabled by default?
[ ] Yes - ARC review required
[ ] No
[X] N/A
Are network services automatically enabled by the project during
installation?
[ ] Yes - ARC review required
[ ] No
[X] N/A
Are inbound network communications denied by default?
[ ] Yes
[ ] No - ARC review required
[X] N/A
Is inbound data checked to prevent content-based attacks?
[ ] Yes
[ ] No - ARC review required
[X] N/A
Is the outbound receiver authenticated?
[ ] Yes
[ ] No - ARC review required
[X] N/A
Is the receiver authenticated prior to receiving any sensitive
outbound communication?
[ ] Yes
[ ] No - ARC review required
[X] N/A
3.4.2 Authorization
(see
http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ and
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
for details)
Are there any setuid/setgid privileged binaries in the project?
[ ] Yes - ARC review required
[X] No - continue with next section
If yes then are the setuid/setgid privileges handled by the use of
roles?
[ ] Yes
[ ] No - ARC review required
3.4.3 Auditing
(see
http://opensolaris.org/os/community/arc/policies/audit-policy/ for details)
(see http://opensolaris.org/os/community/arc/caselog/2003/397 for
details)
Does this component contain administrative or security enforcing
software?
[ ] Yes - ARC review required
[X] No - continue to next section
(see http://opensolaris.org/os/community/arc/caselog/2003/397 for
details)
Do the components create audit logs detailing what took place
including what event
took place, who was involved, when the event took place?
[ ] Yes - ARC contract and Audit project team review required
[ ] No - ARC review required
3.4.4 Authentication
(see http://opensolaris.org/os/community/arc/policies/PAM/)
Do the components contain any authentication code?
[ ] Yes
[X] No - continue to next section
If yes do the components use PAM (plugable authentication modules)
for authentication?
[ ] Yes
[ ] No - ARC review required
If yes is a single PAM session maintained during authentication?
[ ] Yes
[ ] No - ARC review required
If yes are the components sufficiently privileged to allow the
requested
operations (authentication, password change, process credential
manipulation,
audit state initialization)?
[ ] Yes - briefly describe below
[ ] No - ARC review required
3.4.5 Passwords
(see
http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/ and
http://opensolaris.org/os/community/arc/bestpractices/passwords-files/
for details)
Do any of the components for the project deal with passwords?
[ ] Yes
[X] No - continue to next section
If yes are these passwords entered via the CLI or environment?
[ ] Yes - ARC review required
[ ] No
Are passwords stored within the file system for the component?
[ ] Yes
[ ] No - continue to next section
If yes are the permissions on the file such to protect exposing
the password(s)?
[ ] Yes
[ ] No - ARC review required
3.4.6 General Security Questions
(see
http://opensolaris.org/os/community/arc/bestpractices/security-questions/
for details)
Do the components use standard network protocols?
[X] Yes
[ ] No - ARC review required
Do network services for the project make decisions based upon
user, host or
service identities?
[X] Yes - explain below
[ ] No
[ ] N/A
Network Drivers
These drivers send the generated sound over the network to a server
program, which sends the sound to the real sound hardware. The server
program can be on the same machine than your program, but MikMod
does not
have access to the hardware. Network drivers only support software
mixing.
drv_AF
This driver works with the "Digital AudioFile" library.
Start the server on the machine you want, set its hostname in the
AUDIOFILE environment variable, and MikMod is ready to send it
sound.
drv_esd
This driver works with the "Enlightened Sound Daemon".
Start the esd daemon on the machine you want, set its hostname
in the
ESPEAKER environment variable, and MikMod is ready to send it sound
Do the components make use of secret information during
authentication and/or
authorization?
[ ] Yes - explain below
[X] No
[ ] N/A
3.5 Networking
Do the components access the network?
[X] Yes
[ ] No - continue to next section
If yes do the components support IPv6?
[X] Yes
[ ] No - ARC review required
3.6 Core Solaris Components
Do the components of this project compete with or duplicate core
Solaris components?
[ ] Yes - ARC review required
[X] No
Examples of Core Solaris Components include but are not limited to:
Secure By Default
Authorizations
PAM -- Plugable Authentication Module
Privilege
PRM -- Process Rights Management -- Privilege
Audit
xVm -- Virtualization
zones / Solaris Containers
PRM -- Process Rights Management
RBAC -- Role Based Access Control
TX / Trusted Extensions
ZFS
SMF -- Service Management Facility
FMA -- Fault Management Architecture
SCF -- Smart Card Facility
IPsec
4.0 Interfaces
(see
http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/
for details)
4.1 Exported Interfaces
Interface Name Classification Comments
--------------------------- -------------------
---------------------------
libmikmod API Uncommitted version 3.2.0-beta2, see
http://mikmod.raphnet.net/doc/libmikmod-3.1.10/docs/mikmod.html
SUNWlibmikmod Uncommitted libmikmod's packaging
4.2 Imported Interfaces
Interface Name Classification Comments
--------------------------- --------------------
--------------------------
/dev/audio Committed
Appendix A - References
1. Solaris Installation Locations Policy
http://opensolaris.org/os/community/arc/policies/install-locations/
2. /usr/gnu Installation ARC case
http://opensolaris.org/os/community/arc/caselog/2007/047/
3. Secure By Default Policy
http://opensolaris.org/os/community/arc/policies/secure-by-default/
4. Network Install Time Securityuy Policy
http://www.opensolaris.org/os/community/arc/policies/NITS-policy/
5. Adding RBAC Authorizations Policy
http://opensolaris.org/os/community/arc/bestpractices/rbac-auths/
6. When to use setuid -vs- RBAC roles and profiles
http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and
7. Building RBAC Rights Profiles
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
8. Solaris Audit Policy
http://opensolaris.org/os/community/arc/policies/audit-policy/
9. Security questionaire
http://opensolaris.org/os/community/arc/bestpractices/security-questions/
10. Interface Taxonomy
http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/
11. Plugable Authentication Modules -- PAM
http://opensolaris.org/os/community/arc/policies/PAM/
12. Reusable Passwords In Command Line Arguments and Environment Variables
http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/
13. Storing Reusable Passwords on a Filesystem
http://opensolaris.org/os/community/arc/bestpractices/passwords-files/
14. Release Taxonomy
http://opensolaris.org/os/community/arc/policies/release-taxonomy/
15. Service Management Facility (SMF) usage
http://opensolaris.org/os/community/arc/policies/SMF-policy/
Appendix B - Suggested case materials
1. man pages
libmikmod-config.1
