+ limit the number of files/bytes a user can transfer at one sitting
+ limit the total time a session can take
+ include system load as a limit parameter (load < xxx, maxusers = nnn)

+ magic cookie for the current number of users in class in messages

+ Allow access control commands to specify remote addresses by network+netmask.
+ Allow access control by remote username (if authenticated)

+ keep PID file open and log more information in it:
  - files/bytes transferred
  - current action (a la SETPROCNAME)
  - remote host
  - classes
+ write an ftp status program to take advantage of new PID file
