From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 7 Oct 2016 18:32:23 +0000 (+0200)
Subject: update TODO
X-Git-Tag: v232~114^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F4067%2Fhead;p=thirdparty%2Fsystemd.git

update TODO
---

diff --git a/TODO b/TODO
index 9ca2736b2a8..9b949e93f7a 100644
--- a/TODO
+++ b/TODO
@@ -72,6 +72,12 @@ Features:
 
 * RemoveKeyRing= to remove all keyring entries of the specified user
 
+* ProtectReboot= that masks reboot() and kexec_load() syscalls, prohibits kill
+  on PID 1 with the relevant signals, and makes relevant files in /sys and
+  /proc (such as the sysrq stuff) unavailable
+
+* DeviceAllow= should also generate seccomp filters for mknod()
+
 * Add DataDirectory=, CacheDirectory= and LogDirectory= to match
   RuntimeDirectory=, and create it as necessary when starting a service, owned by the right user.