Closed as approved.
--Irene
On Mon, 2008-07-07 at 11:24 +0800, Irene Huang wrote:
> If there's any issues with this case, please send an email before the
> timeout (07/08/2008)
>
> Thanks.
>
> --Irene
> On Wed, 2008-07-02 at 03:19 -0700, Shi-Ying Irene Huang wrote:
> > Template Version: @(#)sac_nextcase 1.66 04/17/08 SMI
> > This information is Copyright 2008 Sun Microsystems
> > 1. Introduction
> > 1.1. Project/Component Working Name:
> > contact-lookup-applet for OpenSolaris
> > 1.2. Name of Document Author/Supplier:
> > Author: Jedy Wang
> > 1.3 Date of This Document:
> > 02 July, 2008
> > 4. Technical Description
> > FCL--FOSS Check List
> >
> > 1.0 Project Information
> > 1.1 Name of project/component
> > contact-lookup-applet
> >
> > 1.2 Author of document
> > Jedy Wang <jedy.wang at sun.com>
> >
> > 2.0 Project Summary
> > 2.1 Project Description
> > Contact-lookup-applet is an applet for gnome-panel which can quickly
> > search your Evolution address book. The latest code is available at
> > http://www.burtonini.com/computing/.
> >
> > To use the contact-lookup-applet, the user has to right click the
> > panel
> > and select "Add to Panel..." to add the contact-lookup-applet into
> > the
> > panel and enter the key word in the text entry of the applet. The
> > result
> > will be shown in a popup dialog.
> >
> > 2.2 Release binding
> > What is is the release binding?
> > (see
> > http://opensolaris.org/os/community/arc/policies/release-taxonomy/)
> > [ ] Major
> > [X] Minor
> > [ ] Patch or Micro
> > [ ] Unknown -- ARC review required
> >
> > 2.3 Type of project
> > Is this case a Linux Familiarity project?
> > [X] Yes
> > [ ] No
> >
> > 2.4 Originating Community
> > 2.4.1 Community Name
> > Ross Burton
> >
> > 2.4.2 Community Involvement
> > Indicate Sun's involvement in the community
> > [ ] Maintainer
> > [ ] Contributor
> > [X] Monitoring
> >
> > Will the project team work with the upstream community to resolve
> > architectural issues of interest to Sun?
> > [X] Yes
> > [ ] No - briefly explain
> >
> > Will we or are we forking from the community?
> > [ ] Yes - ARC review required prior to forking
> > [X] No
> >
> > 3.0 Technical Description
> > 3.1 Installation & Sharable
> > 3.1.1S Solaris Installation - section only required for Solaris Software
> > (see
> > http://opensolaris.org/os/community/arc/policies/install-locations/ for
> > details)
> > Does this project follow the Install Locations best practice?
> > [X] Yes
> > [ ] No - ARC review required
> >
> > Does this project install into /usr under
> > [sbin|bin|lib|include|man|share]?
> > [X] Yes
> > [ ] No or N/A
> >
> > Does this project install into /opt?
> > [ ] Yes - explain below
> > [X] No or N/A
> >
> > Does this project install into a different directory structure?
> > [ ] Yes - ARC review required
> > [X] No or N/A
> >
> > Do any of the components of this project conflict with anything under
> > /usr?
> > (see http://opensolaris.org/os/community/arc/caselog/2007/047/ for
> > details)
> > [ ] Yes - explain below
> > [X] No
> >
> > If conflicts exist then will this project install under /usr/gnu?
> > [ ] Yes
> > [ ] No - ARC review required
> > [X] N/A
> >
> > Is this project installing into /usr/sfw?
> > [ ] Yes - ARC review required
> > [X] No
> >
> > 3.1.1W Windows Installation - section only required for Windows Software
> > (see http://sac.sfbay/WSARC/2002/494 for details)
> > Does this project install software into a
> > <system drive>:\Program Files\Sun\<product> or <system
> > drive>:\Sun\<product>
> > directory?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > Does the project use the Windows registry?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > Does the project use
> > HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product>\<version>
> > for the registry key?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > Is the project's stored location
> > HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product id>\<version
> > id>\Path?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > 3.1.2 Share and Sharable
> > Does the module include any components that are used or shared by
> > other projects?
> > [ ] Yes
> > [X] No
> >
> > If yes are these components packaged to be shared with the other FOSS?
> > [ ] Yes
> > [ ] No - ARC review required
> > [X] N/A
> >
> > Are these components already in the Solaris WOS?
> > [ ] Yes
> > [X] No - continue with next section (section 3.2)
> >
> > If yes are these newer versions being delivered?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > If yes are the newer versions replacing the existing versions?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > 3.2 Exported Libraries
> > Are libraries being delivered by this project?
> > [ ] Yes
> > [X] No - continue with next section (section 3.3)
> >
> > Are 64-bit versions of the libraries being delivered?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > Are static versions of the libraries being delivered?
> > [ ] Yes - ARC review required
> > [ ] No
> >
> > 3.3 Services and the /etc Directory
> > (see http://opensolaris.org/os/community/arc/policies/SMF-policy/)
> > Does the project integrate anything into /etc/init.d or /etc/rc?.d?
> > [ ] Yes - ARC review required
> > [X] No
> >
> > Does the project integrate any new entries into /etc/inittab or
> > /etc/inetd.conf?
> > [ ] Yes - ARC review required
> > [ ] No
> >
> > Does the project integrate any private non-public files into
> > /etc/default
> > or /etc/ configuration files?
> > [ ] Yes - ARC review required
> > [X] No
> >
> > Does the service manifests method context grant rights above that
> > of the noaccess user and basic privilege set?
> > [ ] Yes - ARC review required
> > [X] No
> >
> > 3.4 Security
> > 3.4.1 Secure By Default
> > (see
> > http://opensolaris.org/os/community/arc/policies/secure-by-default/ for
> > details)
> > (see
> > http://www.opensolaris.org/os/community/arc/policies/NITS-policy/ for
> > details)
> > (see parts of
> > http://opensolaris.org/os/community/arc/policies/SMF-policy/ for
> > addtional details)
> > Are there any network services provided by this project?
> > [ ] Yes
> > [X] No - continue with the next section (section 3.4.2)
> >
> > Are network services enabled by default?
> > [ ] Yes - ARC review required
> > [ ] No
> > [ ] N/A
> >
> > Are network services automatically enabled by the project during
> > installation?
> > [ ] Yes - ARC review required
> > [ ] No
> > [ ] N/A
> >
> > Are inbound network communications denied by default?
> > [ ] Yes
> > [ ] No - ARC review required
> > [ ] N/A
> >
> > Is inbound data checked to prevent content-based attacks?
> > [ ] Yes
> > [ ] No - ARC review required
> > [ ] N/A
> >
> > Is the outbound receiver authenticated?
> > [ ] Yes
> > [ ] No - ARC review required
> > [ ] N/A
> >
> > Is the receiver authenticated prior to receiving any sensitive
> > outbound communication?
> > [ ] Yes
> > [ ] No - ARC review required
> > [ ] N/A
> >
> > 3.4.2 Authorization
> > (see
> > http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and
> >
> > http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ and
> >
> > http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
> > for details)
> > Are there any setuid/setgid privileged binaries in the project?
> > [ ] Yes - ARC review required
> > [X] No - continue with next section (section 3.4.3)
> >
> > If yes then are the setuid/setgid privileges handled by the use of
> > roles?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > 3.4.3 Auditing
> > (see http://opensolaris.org/os/community/arc/policies/audit-policy/
> > for details)
> > (see http://opensolaris.org/os/community/arc/caselog/2003/397 for
> > details)
> > Does this component contain administrative or security enforcing
> > software?
> > [ ] Yes - ARC review required
> > [X] No - continue to next section (section 3.4.4)
> >
> > (see http://opensolaris.org/os/community/arc/caselog/2003/397 for
> > details)
> > Do the components create audit logs detailing what took place
> > including what event
> > took place, who was involved, when the event took place?
> > [ ] Yes - ARC contract and Audit project team review required
> > [ ] No - ARC review required
> >
> >
> > 3.4.4 Authentication
> > (see http://opensolaris.org/os/community/arc/policies/PAM/)
> > Do the components contain any authentication code?
> > [ ] Yes
> > [X] No - continue to next section (section 3.4.5)
> >
> > If yes do the components use PAM (plugable authentication modules)
> > for authentication?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > If yes is a single PAM session maintained during authentication?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > If yes are the components sufficiently privileged to allow the
> > requested
> > operations (authentication, password change, process credential
> > manipulation,
> > audit state initialization)?
> > [ ] Yes - briefly describe below
> > [ ] No - ARC review required
> >
> > 3.4.5 Passwords
> > (see
> > http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/ and
> >
> > http://opensolaris.org/os/community/arc/bestpractices/passwords-files/ for
> > details)
> > Do any of the components for the project deal with passwords?
> > [ ] Yes
> > [X] No - continue to next section (section 3.4.6)
> >
> > If yes are these passwords entered via the CLI or environment?
> > [ ] Yes - ARC review required
> > [ ] No
> >
> > Are passwords stored within the file system for the component?
> > [ ] Yes
> > [ ] No - continue to next section (section 3.4.6)
> >
> > If yes are the permissions on the file such to protect exposing the
> > password(s)?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > 3.4.6 General Security Questions
> > (see
> > http://opensolaris.org/os/community/arc/bestpractices/security-questions/
> > for details)
> > Are there any network protocols used by this project?
> > [ ] Yes
> > [X] No - continue with the next section (section 3.5)
> >
> > Do the components use standard network protocols?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > Do network services for the project make decisions based upon user,
> > host or
> > service identities?
> > [ ] Yes - explain below
> > [ ] No
> > [ ] N/A
> >
> > Do the components make use of secret information during
> > authentication and/or
> > authorization?
> > [ ] Yes - explain below
> > [ ] No
> > [ ] N/A
> >
> > 3.5 Networking
> > Do the components access the network?
> > [ ] Yes
> > [X] No - continue with the next section (section 3.6)
> >
> > If yes do the components support IPv6?
> > [ ] Yes
> > [ ] No - ARC review required
> >
> > 3.6 Core Solaris Components
> > Do the components of this project compete with or duplicate core
> > Solaris components?
> > [ ] Yes - ARC review required
> > [X] No
> >
> > 4.0 Interfaces
> > (see
> > http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/
> > for details)
> > 4.1 Exported Interfaces
> >
> > Interface Name Classification Comments
> > --------------------------- -------------------
> > ---------------------------
> > SUNWcontact-lookup-applet Uncommitted package name
> > /usr/lib/contact-lookup-applet Volatile binary of
> > contact-
> > loolup-applet
> > /usr/lib/bonobo/servers/ Volatile bonobo startup
> > file of
> > GNOME_ContactLookupApplet.server
> > contact-lookup-applet
> > /usr/share/lookup-applet/ Project directory stores
> > Private data used by
> >
> > contact-lookup-applet
> >
> > 4.2 Imported Interfaces
> > Interface Name Classification Comments
> > --------------------------- --------------------
> > --------------------------
> > GNOME Committed Committed LSARC/2008/207
> > Platform Libraries
> >
> >
> > 6. Resources and Schedule
> > 6.4. Steering Committee requested information
> > 6.4.1. Consolidation C-team Name:
> > Desktop
> > 6.5. ARC review type: FastTrack
> > 6.6. ARC Exposure: open
> >
>
