Core TODO items
---------------

 - maybe rename .policy to .action for policy XML files

 - provide a polkit-validate-action-file-1 tool to check/validate
   .policy/.action XML files

 - write a couple of introductory sections detailing the system architecture for
   - a developer-audience; and
   - a system administrator audience

 - write a PolicyKit 0.9.x -> polkit 1.0 porting guide

 - guard off backend API with I_KNOW_THIS_API_IS_SUBJECT_TO_CHANGE_ETC

 - provide a way to tweak the defaults for actions (or maybe not)

 - do we need negative authorizations? If so, implement code for it, otherwise
   remove it from the PolkitAuthorization class

 - make sure simple operations work when no system bus is present
   - e.g. %post RPM scripts adding/removing authorizations to identities

 - maybe use file monitors on /var/lib/polkit-1 directories and
   emit the Changed() signal

 - PolkitAuthority probably needs locking around its singleton for
   multithreaded backends.

 - rethink actions shipped with PolicyKit; we probably just want something
   simple like
   - org.freedesktop.policykit1.read
   - org.freedesktop.policykit1.localauthority.manage

 - restrict symbol visibility in shared libraries

Backend TODO items
------------------

 - check / validate all incoming arguments
   - and other security/paranoia stuff

 - local files authority backend
   - split out AuthorizationStore into separate class
   - split out AuthenticationAgent and AuthenticationSession to separate classes
   - check if callers are authorized to enumerate, add or remove authorizations
   - use random cookies
   - speed up lookups using a hash on the cookie
   - cache Unix group information
   - handle root/wheel for implicit authorizations

 - validate object paths when registering authentication agents

 - allow backends to extend the syntax for subjects and identities, e.g.
   have something like ipa-user:...

 - avoid watching all name owner changes in PolkitBackendAuthority and
   PolkitBackendServer

 - cache user information for dbus connections

polkit-gnome TODO items
-----------------------

 - show a notification icon when the session/user has temporary authorizations
   - along with an option to give these up

 - maybe make the AuthenticationAgent process (which runs for the lifetime of
   the session) spawn a process to display the authentication dialog
   - to make it lighter on resource usage
   - to work around Metacity focus stealing prevention bugs

 - port libpolkit-gnome to new API

 - port polkit-gnome-authorization to new API
