I am sponsering this case for Gayatri. It is a Linux Familiarity project. Best Regards, Michael
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI This information is Copyright 2009 Sun Microsystems 1. Introduction 1.1. Project/Component Working Name: Cheetah 1.2. Name of Document Author/Supplier: Author: Gayatri Tripathi 1.3 Date of This Document: 07 December, 2009 4. Technical Description 0. Introduction 0.1 Document History Version Author Changes Date 0.1 Gayatri Tripathi Initial Draft 11 Sep 2009 0.2 Purpose This checklist is to aid in the FastTrack ARC review process for the integration of Cheetah project into OpenSolaris. 1.0 Project Information 1.1 Name of project/component Cheetah 1.2 Author of document Gayatri Tripathi 2.0 Project Summary 2.1 Project Description Cheetah is an open source template engine and code generation tool. It can be used standalone or combined with other tools and frameworks. Web development is its principle use, but Cheetah is very flexible and is also being used to generate C++ game code, Java, sql, form emails and even Python code. 2.2 Release binding What is is the release binding? (see http://opensolaris.org/os/community/arc/policies/release-taxonomy/) [ ] Major [X] Minor [ ] Patch or Micro [ ] Unknown -- ARC review required 2.3 Type of project Is this case a Linux Familiarity project? [X] Yes [ ] No 2.4 Originating Community 2.4.1 Community Name http://cheetahtemplate.org/ 2.4.2 Community Involvement Indicate Sun's involvement in the community [ ] Maintainer [ ] Contributor [X] Monitoring Will the project team work with the upstream community to resolve architectural issues of interest to Sun? [X] Yes [ ] No - briefly explain Will we or are we forking from the community? [ ] Yes - ARC review required prior to forking [X] No 3.0 Technical Description 3.1 Installation & Sharable 3.1.1S Solaris Installation - section only required for Solaris Software (see http://opensolaris.org/os/community/arc/policies/install-locations/ for details) Does this project follow the Install Locations best practice? [X] Yes [ ] No - ARC review required Does this project install into /usr under [sbin|bin|lib|include|man|share]? [X] Yes [ ] No or N/A Does this project install into /opt? [ ] Yes - explain below [X] No or N/A Does this project install into a different directory structure? [ ] Yes - ARC review required [X] No or N/A Do any of the components of this project conflict with anything under /usr? (see http://opensolaris.org/os/community/arc/caselog/2007/047/ for details) [ ] Yes - explain below [X] No If conflicts exist then will this project install under /usr/gnu? [ ] Yes [ ] No - ARC review required [X] N/A Is this project installing into /usr/sfw? [ ] Yes - ARC review required [X] No 3.1.1W Windows Installation - section only required for Windows Software (see http://sac.sfbay/WSARC/2002/494 for details) Does this project install software into a <system drive>:\Program Files\Sun\<product> or <system drive>:\Sun\<product> directory? [ ] Yes [ ] No - ARC review required Does the project use the Windows registry? [ ] Yes [ ] No - ARC review required Does the project use HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product>\<version> for the registry key? [ ] Yes [ ] No - ARC review required Is the project's stored location HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product id>\<version id>\Path? [ ] Yes [ ] No - ARC review required 3.1.2 Share and Sharable Does the module include any components that are used or shared by other projects? [ ] Yes [X] No If yes are these components packaged to be shared with the other FOSS? [ ] Yes [ ] No - ARC review required [X] N/A Are these components already in the Solaris WOS? [ ] Yes [X] No - continue with next section (section 3.2) If yes are these newer versions being delivered? [ ] Yes [ ] No - ARC review required If yes are the newer versions replacing the existing versions? [ ] Yes [ ] No - ARC review required 3.2 Exported Libraries Are libraries being delivered by this project? [ ] Yes [X] No - continue with next section (section 3.3) Are 64-bit versions of the libraries being delivered? [ ] Yes [ ] No - ARC review required Are static versions of the libraries being delivered? [ ] Yes - ARC review required [ ] No 3.3 Services and the /etc Directory (see http://opensolaris.org/os/community/arc/policies/SMF-policy/) Does the project integrate anything into /etc/init.d or /etc/rc?.d? [ ] Yes - ARC review required [X] No Does the project integrate any new entries into /etc/inittab or /etc/inetd.conf? [ ] Yes - ARC review required [X] No Does the project integrate any private non-public files into /etc/default or /etc/ configuration files? [ ] Yes - ARC review required [X] No Does the service manifests method context grant rights above that of the noaccess user and basic privilege set? [ ] Yes - ARC review required [X] No 3.4 Security 3.4.1 Secure By Default (see http://opensolaris.org/os/community/arc/policies/secure-by-default/ for details) (see http://www.opensolaris.org/os/community/arc/policies/NITS-policy/ for details) (see parts of http://opensolaris.org/os/community/arc/policies/SMF-policy/ for addtional details) Are there any network services provided by this project? [ ] Yes [X] No - continue with the next section (section 3.4.2) Are network services enabled by default? [ ] Yes - ARC review required [ ] No [ ] N/A Are network services automatically enabled by the project during installation? [ ] Yes - ARC review required [ ] No [ ] N/A Are inbound network communications denied by default? [ ] Yes [ ] No - ARC review required [ ] N/A Is inbound data checked to prevent content-based attacks? [ ] Yes [ ] No - ARC review required [ ] N/A Is the outbound receiver authenticated? [ ] Yes [ ] No - ARC review required [ ] N/A Is the receiver authenticated prior to receiving any sensitive outbound communication? [ ] Yes [ ] No - ARC review required [ ] N/A 3.4.2 Authorization (see http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ and http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ for details) Are there any setuid/setgid privileged binaries in the project? [ ] Yes - ARC review required [X] No - continue with next section (section 3.4.3) If yes then are the setuid/setgid privileges handled by the use of roles? [ ] Yes [ ] No - ARC review required 3.4.3 Auditing (see http://opensolaris.org/os/community/arc/policies/audit-policy/ for details) (see http://opensolaris.org/os/community/arc/caselog/2003/397 for details) Does this component contain administrative or security enforcing software? [ ] Yes - ARC review required [X] No - continue to next section (section 3.4.4) (see http://opensolaris.org/os/community/arc/caselog/2003/397 for details) Do the components create audit logs detailing what took place including what event took place, who was involved, when the event took place? [ ] Yes - ARC contract and Audit project team review required [ ] No - ARC review required 3.4.4 Authentication (see http://opensolaris.org/os/community/arc/policies/PAM/) Do the components contain any authentication code? [ ] Yes [X] No - continue to next section (section 3.4.5) If yes do the components use PAM (plugable authentication modules) for authentication? [ ] Yes [ ] No - ARC review required If yes is a single PAM session maintained during authentication? [ ] Yes [ ] No - ARC review required If yes are the components sufficiently privileged to allow the requested operations (authentication, password change, process credential manipulation, audit state initialization)? [ ] Yes - briefly describe below [ ] No - ARC review required 3.4.5 Passwords (see http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/ and http://opensolaris.org/os/community/arc/bestpractices/passwords-files/ for details) Do any of the components for the project deal with passwords? [ ] Yes [X] No - continue to next section (section 3.4.6) If yes are these passwords entered via the CLI or environment? [ ] Yes - ARC review required [ ] No Are passwords stored within the file system for the component? [ ] Yes [ ] No - continue to next section (section 3.4.6) If yes are the permissions on the file such to protect exposing the password(s)? [ ] Yes [ ] No - ARC review required 3.4.6 General Security Questions (see http://opensolaris.org/os/community/arc/bestpractices/security-questions/ for details) Are there any network protocols used by this project? [ ] Yes [X] No - continue with the next section (section 3.5) Do the components use standard network protocols? [ ] Yes [ ] No - ARC review required Do network services for the project make decisions based upon user, host or service identities? [ ] Yes - explain below [ ] No [ ] N/A Do the components make use of secret information during authentication and/or authorization? [ ] Yes - explain below [ ] No [ ] N/A 3.5 Networking Do the components access the network? [ ] Yes [X] No - continue with the next section (section 3.6) If yes do the components support IPv6? [ ] Yes [ ] No - ARC review required 3.6 Core Solaris Components Do the components of this project compete with or duplicate core Solaris components? [ ] Yes - ARC review required [X] No Examples of Core Solaris Components include but are not limited to: Secure By Default Authorizations PAM -- Plugable Authentication Module Privilege PRM -- Process Rights Management -- Privilege Audit xVm -- Virtualization zones / Solaris Containers PRM -- Process Rights Management RBAC -- Role Based Access Control TX / Trusted Extensions ZFS SMF -- Service Management Facility FMA -- Fault Management Architecture SCF -- Smart Card Facility IPsec 4.0 Interfaces (see http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/ for details) 4.1 Exported Interfaces Exported Interfaces Classification ------------------- -------------- SUNWcheetah Uncommitted /usr/bin/cheetah Uncommitted /usr/bin/cheetah-compile Uncommitted /usr/share/man/man3/cheetah.3 Uncommitted 4.2 Imported Interfaces Imported Interfaces Classification Comments ------------------- -------------- -------- SUNWPython26 Commited package name for Python 2.6(http://sac.sfbay/PSARC/2009/043) 4.3 Not An Interface Not An Interface Classification -------------------- -------------- /usr/lib/python2.6/vendor-packages/Cheetah/CacheRegion.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/CacheStore.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/CheetahWrapper.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Compiler.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Django.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/DummyTransaction.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/ErrorCatchers.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/FileUtils.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Filters.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/ImportHooks.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/ImportManager.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Macros/I18n.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Macros/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/NameMapper.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Parser.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Servlet.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/SettingsManager.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/SourceReader.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Template.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/TemplateCmdLineIface.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Templates/SkeletonPage.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Templates/SkeletonPage.tmpl Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Templates/_SkeletonPage.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Templates/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/CheetahWrapper.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/Filters.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/NameMapper.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/Regressions.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/SyntaxAndOutput.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/Template.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/Test.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/Unicode.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/unittest_local_copy.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tests/xmlrunner.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tools/CGITemplate.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tools/MondoReport.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tools/MondoReportDoc.txt Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tools/RecursiveNull.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tools/SiteHierarchy.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Tools/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Unspecified.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/Indenter.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/Misc.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/VerifyType.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/WebInputMixin.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/htmlDecode.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/htmlEncode.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/memcache.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Utils/statprof.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/Version.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/_namemapper.so Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/__init__.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/blockparser.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/blockprocessors.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/commandline.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/etree_loader.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/html4.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/inlinepatterns.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/odict.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/postprocessors.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/preprocessors.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/contrib/markdown/treeprocessors.py Uncommitted /usr/lib/python2.6/vendor-packages/Cheetah/convertTmplPathToModuleName.py Uncommitted *Note: see http://opensolaris.org/os/community/arc/policies/interface-taxonomy/ for details 6. Resources and Schedule 6.4. Steering Committee requested information 6.4.1. Consolidation C-team Name: unknown 6.5. ARC review type: FastTrack 6.6. ARC Exposure: open