From 7b1e9eeaac86a2f1e269001b6a330a98eaeb9614 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrien=20Verg=C3=A9?= <adrienverge@gmail.com>
Date: Sat, 21 May 2016 23:34:33 +0200
Subject: [PATCH] Doc: Inform on `--ppd-*` options risks in README

Reference: https://github.com/adrienverge/openfortivpn/issues/54
---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index cc1bce82..8c5fde1c 100644
--- a/README.md
+++ b/README.md
@@ -94,6 +94,10 @@ Cmnd_Alias  OPENFORTIVPN = /usr/bin/openfortivpn
 %adm       ALL = (ALL) OPENFORTIVPN
 ```
 
+**Warning**: Make sure only trsuted users can run openfortivpn as root! As
+described in #54, a malicious user could use `--ppp-plugin` and `--ppd-log`
+options to divert the program's behaviour.
+
 Contributing
 ------------