core: make sure we properly parse ProtectHome= and ProtectSystem=

[elogind.git] / TODO

diff --git a/TODO b/TODO
index fb118f155028d32d6012f61f8dca0484be7a4a5a..5cb76df282f231521dc1261d307d86cf093d77d4 100644 (file)
--- a/TODO
+++ b/TODO
@@ -68,11 +68,7 @@ Features:
 
 * Add timeout to early-boot, and shut down the system if it is hit. Solves the laptop-in-bag problem and is useful for embedded cases
 
-* ImmutableSystem=yes/no or so to mount /usr, /boot read-only/invisible, and leave /var and /etc writable
-
-* InaccessibleHome=yes/no or so to hide /home and /run/user from a service
-
-* Run most system services with cgroupfs read-only and procfs with a more secure mode
+* Run most system services with cgroupfs read-only and procfs with a more secure mode (doesn't work, since the hidepid= option is per-pid-namespace, not per-mount)
 
 * sd-event: generate a failure of a default event loop is executed out-of-thread
 
@@ -552,8 +548,6 @@ Features:
 
 * introduce mix of BindTo and Requisite
 
-* add DeleteSocketsOnStop=yes|no option to socket units
-
 * There's currently no way to cancel fsck (used to be possible via C-c or c on the console)
 
 * add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/