Needed for 1.0
--------------
- check that all public but unstable API is properly guarded off with
  I_KNOW_THIS_API_IS_SUBJECT_TO_CHANGE_ETC
- rethink actions shipped with PolicyKit; we probably just want something
  very simple that only applies to the local authority backend
- some mechanisms don't run as root - how should they convey that
  they are authorized to check authorizations?
- man page review / section review
- review/restrict symbol visibility in shared libraries
- check / validate all incoming arguments
  - includes all D-Bus interfaces and public library API
  - validate D-Bus object paths everywhere
  - ...and other security/paranoia stuff
- make sure library API is reasonably MT-safe
- avoid watching all name owner changes in PolkitBackendAuthority and
  PolkitBackendServer; remove the name-owner-changed vfunc

GNOME Authentication Agent
--------------------------
- maybe expand on the notification icon so it is more detailed about
  what temporary authorizations the session has - and maybe a way
  to only drop some of them