SGFW NG release TODO list

[dma]

• [x] AppArmor package update with req'd policy changes for fw-daemon, tor (permission to create sockets path) - need issue for this
• [x] Finish / fix sandbox policy implementation
• [x] Update gtk prompter: make consistent with gnome shell dialog, add sandbox description, TLSGuard enforcement option
• [ ] Update fw-settings: add sandbox policy GUI support, add support for ALLOW_TLSONLY
• [ ] Remove "sandbox" element from parsed rules, but leave in policy (sandbox should go with exe path, and not be part of a rule line)
• [x] Ensure logs are redacted per user choice
• [ ] Add versioning / backwards compatibility to rules parser, make sure nothing breaks at install for users
• [x] Fix TLSGuard breaking some connections for chromium: https://github.com/subgraph/fw-daemon/issues/51
• [x] Fix obvious race condition: https://github.com/subgraph/fw-daemon/issues/52
• [ ] Create ferm package with required iptables rules for fw-daemon coverage of clearnet sandbox
• [ ] Update / modify tor systemd unit file: https://github.com/subgraph/fw-daemon/issues/46
• [ ] Update handbook / documentation / website description
• [ ] Address https://github.com/subgraph/subgraph-os-issues/issues/288 (optional for this release?)
• [ ] Create default policies / rules for systemwide + sandboxed apps we ship
• [ ] Fix https://github.com/subgraph/fw-daemon/issues/57