update TODO

author: Lennart Poettering <lennart@poettering.net> 2017-11-08 18:36:59 +0100
committer: Lennart Poettering <lennart@poettering.net> 2017-11-13 10:24:03 +0100
commit: e7e4a2584f8359e75c027312969d07add683e94d (patch)
tree: 20a8960a492741215f16f5c32199f97c10a42d9b /TODO
parent: namespace: set up OS hierarchy only after mounting the new root, not before (diff)
download: systemd-e7e4a2584f8359e75c027312969d07add683e94d.tar.xz
systemd-e7e4a2584f8359e75c027312969d07add683e94d.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/TODO b/TODO
index 63b8635a01a..d0807a43861 100644
--- a/TODO
+++ b/TODO
@@ -66,10 +66,16 @@ Features:
 * In journalctl add a way how "-o verbose" and suchlike can be tweaked to show
   only a specific set of properties
 
+* beef up pam_systemd to take unit file settings such as cgroups properties as
+  parameters
+
 * export UID ranges nspawns's --private-user and DynamicUser= uses in
   the systemd.pc pkg-config file, the same way we already expose the system
   user boundary there
 
+* a new "systemd-analyze security" tool outputting a checklist of security
+  features a service does and does not implement
+
 * Whenever we check a UID against the system UID range, also check for the
   dynamic UID range
author	Lennart Poettering <lennart@poettering.net>	2017-11-08 18:36:59 +0100
committer	Lennart Poettering <lennart@poettering.net>	2017-11-13 10:24:03 +0100
commit	e7e4a2584f8359e75c027312969d07add683e94d (patch)
tree	20a8960a492741215f16f5c32199f97c10a42d9b /TODO
parent	namespace: set up OS hierarchy only after mounting the new root, not before (diff)
download	systemd-e7e4a2584f8359e75c027312969d07add683e94d.tar.xz systemd-e7e4a2584f8359e75c027312969d07add683e94d.zip