From ed2c80bcf81e104cb29209cd8afa031a815b6db8 Mon Sep 17 00:00:00 2001
From: Stephan Bosch <stephan@rename-it.nl>
Date: Sun, 27 Jul 2008 18:00:21 +0200
Subject: [PATCH] Updated TODO

---
 TODO | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/TODO b/TODO
index 12a883ca2..d3761e0b5 100644
--- a/TODO
+++ b/TODO
@@ -3,11 +3,17 @@ Next (in order of descending priority/precedence):
 
 * Full standards compliance review for the engine and all fully implemented 
   sieve extensions. Issues discovered so far:
-    - Header test does not strip trailing whitespace
+	- Header test does not strip trailing whitespace
 	- Fix/Report issues listed in 'doc/rfc/RFC Controversy.txt'
 * Code cleanup 
 * Full security review. Enforce limits on number of created objects, script 
   size, execution time, etc...
+	- Limit the string size
+	- Limit the string list size
+	- Limit the depth of the AST, i.e. command block and test list
+	  nesting.
+	- Limit the maximum number of included scripts
+	- Make (configurable) limit on the number of redirects
 	- Malicious/Broken binary can allocate large variable storage
 * Finish the test suite for the base functionality
 * Make sure cmusieve can be replaced seamlessly with the new plugin.
-- 
GitLab