$Id: WISHLIST,v 1.4 1996/09/25 03:19:47 marekm Exp $

This is my wishlist for the shadow suite, in no particular order.  Feel
free to do anything from this list and mail me the diffs :-).

Patches in diff -u format, against the latest version (sometimes in the
"dontuse" directory) are preferred and make my job easier.  Please, no
MIME, base64 or quoted-unreadable (aka QP).  For very big patches or if
your mailer can corrupt them, please use gzip and uuencode.  Thanks!

New ideas to add to this list are welcome, too.  --marekm

- fix all the bugs, of course
- integrate S/Key authentication support (or OPIE to avoid trademarks?)
- implement "su only" accounts
- locale support (date formats, message catalogs), any volunteers?
- rewrite getdef.c to be more general (no hardcoded names)
- update man pages to reflect all the changes (real programmers ... :-)
- fix LOGIN_STRING (handle quotes, whitespace etc.), change the name to
  something less confusing
- patch for rlogind/telnetd to create utmp entry and fill in ut_addr
- patches for ftpd, rexecd, pop[23]d, ssh, xdm, ... (with all the
  nice/fascist features, not just "pw->pw_passwd = sp->sp_pwdp;")
  [will be unnecessary when PAM is finished]
- rewrite lastlog.8 man page (copyright)
- fix the usermod -l bug properly [for now it's OK - #undef AUTH_METHODS]
- support Pluggable Authentication Modules
- option to specify encrypted password in passwd (for yppasswdd, so it
  doesn't need to know about shadow/non-shadow); should probably use a pipe
  (less insecure than command line arguments)
- add support for changing NIS passwords (or add cracklib to yppasswd);
  this means that yppasswdd should require unix authentication (the current
  one doesn't, and users can use their own clients to set any password).
  Good passwords are especially important in NIS environments - everyone
  can see (and crack) them...
- clean up NDBM support, do it in the library and not in all programs,
  add support for db?
- use lckpwdf() if available (libc-5.3.5) to lock password files
- date formats configurable in login.defs (not at compile time)
- fix useradd -D -e to match Solaris 2.x documentation (set the default
  account expiration date, *not* the maximum password age)
- sort out CRONTAB_COMMAND, ATRM_COMMAND in userdel (don't work at the
  moment, ideally should be guessed by configure)
- add option to check passwords by piping them to external programs
- add functionality of the contrib/rpasswd.c wrapper to passwd
- rename getpass() to avoid conflict with libc?
- integrate Debian patches
- option to generate pronounceable passwords (like on SCO), external program?
- poppassd (remote password change for eudora etc.)
- check if the libc crypt() supports md5 (glibc-1.96)
