Greenbone Security Assistant
Todo List
Global check_modify_config (gvm_connection_t *connection, credentials_t *credentials, params_t *params, const char *next, const char *fail_next, int *success, cmd_response_data_t *response_data)
This would be much easier with real error codes.
Global gsad_message (credentials_t *, const char *, const char *, int, const char *, cmd_response_data_t *)
Make it accept formatted strings.
Global handle_static_file (http_connection_t *connection, const char *method, const char *url, gsad_connection_info_t *con_info, http_handler_t *handler, void *data)

validation, URL length restriction (allows you to view ANY file that the user running the gsad might look at!)

use glibs path functions

Global log_config
Ensure the accesses to these are thread safe.
Global PARAM_OR_SETTING (value, param, setting_id, cleanup)

Consider doing the input sanatizing in the page handlers.

Take care of XML in input.