From 23a6b180f975c24c8ee4190467c74b78fde0d084 Mon Sep 17 00:00:00 2001
From: Russ Allbery <eagle@eyrie.org>
Date: Sun, 3 Jan 2016 19:29:20 -0800
Subject: Add Wallet::ACL::External ACL type

A new ACL type, external (Wallet::ACL::External), is now supported.
This ACL runs an external command to check if access is allowed, and
passes the principal and the ACL identifier to that command.  To
enable this ACL type for an existing wallet database, use wallet-admin
to register the new verifier.

Change-Id: I21b72b4373eefc92985aca1505e2d1a1ec699602
---
 TODO | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'TODO')

diff --git a/TODO b/TODO
index 24514d8..18b68eb 100644
--- a/TODO
+++ b/TODO
@@ -121,6 +121,10 @@ ACLs:
 
  * Add a comment field to ACLs.
 
+ * Support external ACLs under a backend other than remctl.  This will
+   require some way of re-exporting the authenticated user identity
+   instead of relying on the existence of the remctl variables.
+
 Database:
 
  * Fix case-insensitivity bug in unique keys with MySQL for objects.  When
-- 
cgit v1.2.3