TODO 2.2 KB

12345678910111213141516171819202122232425262728293031323334353637383940
  1. - SECURITY: The script just `cat`s together the system config and the user
  2. config, which means the user config can change any variable - make sure it's
  3. safe and harmless (e.g. can't cause ddos on some other server), otherwise
  4. modify the script to `sed` out the harmful parts or similar
  5. - SECURITY: Consider running the cron job as new user 'doar', not as root
  6. - Make the script proceed even if one mpop call fails, so that not all users
  7. suffer a single user's badly written account definition. Preferrably make the
  8. script send an e-mail to that user, with the error message.
  9. - Add support for RSS aggregation, check Debian packages feed2imap and
  10. rss2email. Another option is to combine many feeds into one, but then the
  11. various client machines you use don't share read/unread status. IDEA: Feeds
  12. can be shared by pulling them into a *public* Citadel folder rather than a
  13. private one. Not only it reflects the interests of the community and helps
  14. people find content, it also saves space by holding just a single copy of the
  15. feed items on the server, rather than one per user. Actually I wonder how the
  16. read/unread status works then - does Citadel keep it separate for each user?
  17. Judging by what I saw in citadel.org BBS, it does.
  18. - Make the shell script require `sh`, not `bash`, and avoid Bash-specific
  19. features.
  20. - Choose reasonable defaults and add support for LDAP and SQL for user
  21. information
  22. - Add all the standard files required by Debian packages
  23. - Add support for variable aggregation frequency
  24. - See if it makes sense to rewrite in C/C++ when the server has hundreds of
  25. users, i.e. see how much time the script takes to execute then
  26. ### Issue: aggregation frequency
  27. How often should it happen? And should the user be able to control it? What
  28. do I do if users can have different frequencies? Is one cron job still
  29. enough, or do I install a new cron job per user instead? Ideas:
  30. - One cron job runs every 10 minutes, and rates must be multiples of 10m
  31. - One cron job, same rate for all users
  32. - Cron job per user in user's crontab
  33. - Root has cron jobs for the users, to prevent user changes via ssh
  34. This script is assumed to use same rate for all users and run as a system-wide
  35. job.