Add a small FAQ and modify the todo item about disabled_commands in

auth {} to disable_oper since that covers ~99% of the use-cases and
can be much cleaner.

FAQ

@@ -0,0 +1,8 @@
+ShadowIRCd FAQ
+--------------
+
+Q: Why does ShadowIRCd not have remote includes?
+A: Remote Includes are a possible security risk due to possible MITM attacks
+   and such and do not prevent server owners making changes that you do not
+   want them to so they have little point. It is recommended to use rsync or
+   a git/hg cron job to pull in remote configuration files.

TODO-SHADOW

@@ -3,7 +3,8 @@ Todo list for ShadowIRCd 6.1
 * update ojoin/omode/etc to use +ah
 * notice/message !#channel and %#channel
 * clean disable/removal of modes on rehash, if possible without being ugly
-* Allow disabling of commands in auth {} blocks.
+* Add a disable_oper option to auth {} to not allow users in that auth block
+  to use OPER.
 * Add default_operhost to /set
 
 Todo list for ShadowIRCd 6.2