tcpdump [PSARC/2009/147 FastTrack timeout 03/10/2009]
James Walker
jw137282 at sac.sfbay.sun.com
Tue Mar 3 01:28:14 PST 2009
I'm sponsoring this familiarity case for Robin Guo. The requested
release binding is minor. The man page has been posted in the
materials directory.
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
tcpdump
1.2. Name of Document Author/Supplier:
Author: Robin Guo
1.3 Date of This Document:
03 March, 2009
4. Technical Description
1.0 Project Information
1.1 Name of project/component
tcpdump
1.2 Author of document
robin.guo at sun.com
2.0 Project Summary
2.1 Project Description
Tcpdump is a common packet sniffer that runs from the command line.
It allows the user to intercept and display TCP/IP and other packets
being transmitted or received over a network to which the computer is
attached. Tcpdump works on most Unix-like operating systems and uses
the libpcap library to capture packets.
tcpdump 4.0.0 will be integrated into the SFW consolidation as part of
this proposal, and will be installed as SUNWtcpdump. A minor release
binding is being requested.
2.2 Release binding
What is the release binding?
(see http://opensolaris.org/os/community/arc/policies/release-taxonomy/)
[ ] Major
[*] Minor
[ ] Patch or Micro
[ ] Unknown -- ARC review required
2.3 Type of project
Is this case a Linux Familiarity project?
[*] Yes
[ ] No
2.4 Originating Community
2.4.1 Community Name
tcpdump.org
2.4.2 Community Involvement
Indicate Sun's involvement in the community
[ ] Maintainer
[ ] Contributor
[*] Monitoring
Will the project team work with the upstream community to resolve
architectural issues of interest to Sun?
[*] Yes
[ ] No - briefly explain
Will we or are we forking from the community?
[ ] Yes - ARC review required prior to forking
[*] No
3.0 Technical Description
3.1 Installation & Sharable
3.1.1S Solaris Installation - section only required for Solaris Software
(see http://opensolaris.org/os/community/arc/policies/install-locations/ for details)
Does this project follow the Install Locations best practice?
[*] Yes
[ ] No - ARC review required
Does this project install into /usr under [sbin|bin|lib|include|man|share]?
[*] Yes
[ ] No or N/A
Does this project install into /opt?
[ ] Yes - explain below
[*] No or N/A
Does this project install into a different directory structure?
[ ] Yes - ARC review required
[*] No or N/A
Do any of the components of this project conflict with anything under /usr?
(see http://opensolaris.org/os/community/arc/caselog/2007/047/ for details)
[ ] Yes - explain below
[*] No
If conflicts exist then will this project install under /usr/gnu?
[ ] Yes
[ ] No - ARC review required
[*] N/A
Is this project installing into /usr/sfw?
[ ] Yes - ARC review required
[*] No
3.1.1W Windows Installation - section only required for Windows Software
(see http://sac.sfbay/WSARC/2002/494 for details)
Does this project install software into a
<system drive>:\Program Files\Sun\<product> or <system drive>:\Sun\<product>
directory?
[ ] Yes
[ ] No - ARC review required
Does the project use the Windows registry?
[ ] Yes
[ ] No - ARC review required
Does the project use
HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product>\<version>
for the registry key?
[ ] Yes
[ ] No - ARC review required
Is the project's stored location
HKEY_LOCAL_MACHINE\SOFTWARE\Sun Microsystems\<product id>\<version id>\Path?
[ ] Yes
[ ] No - ARC review required
3.1.2 Share and Sharable
Does the module include any components that are used or shared by
other projects?
[ ] Yes
[*] No
If yes are these components packaged to be shared with the other FOSS?
[ ] Yes
[ ] No - ARC review required
[*] N/A
Are these components already in the Solaris WOS?
[ ] Yes
[*] No - continue with next section (section 3.2)
If yes are these newer versions being delivered?
[ ] Yes
[ ] No - ARC review required
If yes are the newer versions replacing the existing versions?
[ ] Yes
[ ] No - ARC review required
3.2 Exported Libraries
Are libraries being delivered by this project?
[ ] Yes
[*] No - continue with next section (section 3.3)
Are 64-bit versions of the libraries being delivered?
[ ] Yes
[ ] No - ARC review required
Are static versions of the libraries being delivered?
[ ] Yes - ARC review required
[ ] No
3.3 Services and the /etc Directory
(see http://opensolaris.org/os/community/arc/policies/SMF-policy/)
Does the project integrate anything into /etc/init.d or /etc/rc?.d?
[ ] Yes - ARC review required
[*] No
Does the project integrate any new entries into /etc/inittab or
/etc/inetd.conf?
[ ] Yes - ARC review required
[*] No
Does the project integrate any private non-public files into /etc/default
or /etc/ configuration files?
[ ] Yes - ARC review required
[*] No
Does the service manifest's method context grant rights above that
of the noaccess user and basic privilege set?
[ ] Yes - ARC review required
[*] No
3.4 Security
3.4.1 Secure By Default
(see http://opensolaris.org/os/community/arc/policies/secure-by-default/ for details)
(see http://www.opensolaris.org/os/community/arc/policies/NITS-policy/ for details)
(see parts of http://opensolaris.org/os/community/arc/policies/SMF-policy/ for
additional details)
Are there any network services provided by this project?
[ ] Yes
[*] No - continue with the next section (section 3.4.2)
Are network services enabled by default?
[ ] Yes - ARC review required
[ ] No
[ ] N/A
Are network services automatically enabled by the project during installation?
[ ] Yes - ARC review required
[ ] No
[ ] N/A
Are inbound network communications denied by default?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is inbound data checked to prevent content-based attacks?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is the outbound receiver authenticated?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
Is the receiver authenticated prior to receiving any sensitive outbound communication?
[ ] Yes
[ ] No - ARC review required
[ ] N/A
3.4.2 Authorization
(see http://opensolaris.org/os/community/arc/bestpractices/rbac-intro/ and
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/ and
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
for details)
Are there any setuid/setgid privileged binaries in the project?
[ ] Yes - ARC review required
[*] No - continue with next section (section 3.4.3)
If yes then are the setuid/setgid privileges handled by the use of roles?
[ ] Yes
[ ] No - ARC review required
3.4.3 Auditing
(see http://opensolaris.org/os/community/arc/policies/audit-policy/ for details)
(see http://opensolaris.org/os/community/arc/caselog/2003/397 for details)
Does this component contain administrative or security enforcing software?
[ ] Yes - ARC review required
[*] No - continue to next section (section 3.4.4)
(see http://opensolaris.org/os/community/arc/caselog/2003/397 for details)
Do the components create audit logs detailing what took place including what event
took place, who was involved, when the event took place?
[ ] Yes - ARC contract and Audit project team review required
[ ] No - ARC review required
3.4.4 Authentication
(see http://opensolaris.org/os/community/arc/policies/PAM/)
Do the components contain any authentication code?
[ ] Yes
[*] No - continue to next section (section 3.4.5)
If yes do the components use PAM (pluggable authentication modules) for authentication?
[ ] Yes
[ ] No - ARC review required
If yes is a single PAM session maintained during authentication?
[ ] Yes
[ ] No - ARC review required
If yes are the components sufficiently privileged to allow the requested
operations (authentication, password change, process credential manipulation,
audit state initialization)?
[ ] Yes - briefly describe below
[ ] No - ARC review required
3.4.5 Passwords
(see http://opensolaris.org/os/community/arc/bestpractices/passwords-cli/ and
http://opensolaris.org/os/community/arc/bestpractices/passwords-files/ for details)
Do any of the components for the project deal with passwords?
[ ] Yes
[*] No - continue to next section (section 3.4.6)
If yes are these passwords entered via the CLI or environment?
[ ] Yes - ARC review required
[ ] No
Are passwords stored within the file system for the component?
[ ] Yes
[ ] No - continue to next section (section 3.4.6)
If yes are the permissions on the file such to protect exposing the password(s)?
[ ] Yes
[ ] No - ARC review required
3.4.6 General Security Questions
(see http://opensolaris.org/os/community/arc/bestpractices/security-questions/ for details)
Are there any network protocols used by this project?
[*] Yes
[ ] No - continue with the next section (section 3.5)
Do the components use standard network protocols?
[*] Yes
[ ] No - ARC review required
Do network services for the project make decisions based upon user, host or
service identities?
[ ] Yes - explain below
[ ] No
[*] N/A
Do the components make use of secret information during authentication and/or
authorization?
[ ] Yes - explain below
[ ] No
[*] N/A
3.5 Networking
Do the components access the network?
[*] Yes
[ ] No - continue with the next section (section 3.6)
If yes do the components support IPv6?
[*] Yes
[ ] No - ARC review required
3.6 Core Solaris Components
Do the components of this project compete with or duplicate core
Solaris components?
[ ] Yes - ARC review required
[*] No
Examples of Core Solaris Components include but are not limited to:
Secure By Default
Authorizations
PAM -- Pluggable Authentication Module
Privilege
PRM -- Process Rights Management -- Privilege
Audit
xVm -- Virtualization
zones / Solaris Containers
PRM -- Process Rights Management
RBAC -- Role Based Access Control
TX / Trusted Extensions
ZFS
SMF -- Service Management Facility
FMA -- Fault Management Architecture
SCF -- Smart Card Facility
IPsec
4.0 Interfaces
(see http://www.opensolaris.org/os/community/arc/policies/interface-taxonomy/ for details)
4.1 Exported Interfaces
Interface Name               Classification  Comments
---------------------------  --------------  -----------------------
SUNWtcpdump                  Uncommitted     Package
/usr/bin/tcpdump             Uncommitted     Executable binary file
4.2 Imported Interfaces
Interface Name               Classification   Comments
---------------------------  ---------------  --------------------------
SUNWlibpcap                  Uncommitted      Package
SUNWlibsasl                  Committed        Package
SUNWpr                       Committed        Package
SUNWtls                      Uncommitted      Package
SUNWlibmsr                   Committed        Package
Appendix A - References
[1] http://www.tcpdump.org
OSR ID# 9923
RFE ID# 6808014
6. Resources and Schedule
6.4. Steering Committee requested information
6.4.1. Consolidation C-team Name:
SFW
6.5. ARC review type: FastTrack
6.6. ARC Exposure: open