From 8e36ec5a62d14993a94aec7d2e1cfdb63924668a Mon Sep 17 00:00:00 2001
From: Alexey Avramov <hakavlad@gmail.com>
Date: Tue, 17 Dec 2019 20:43:26 +0900
Subject: [PATCH] Update readme: add security notes

---
 README.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/README.md b/README.md
index b9f47df..f9c481d 100644
--- a/README.md
+++ b/README.md
@@ -83,6 +83,21 @@ To use `PSI`:
 - VmRSS is about 10–14 MiB instead of the settings, about 10 MiB by default.
 - CPU usage depends on the level of available memory and monitoring intensity.
 
+## Security notes
+
+We always strive to be transparent with you, our esteemed users, and we strive to keep you informed of the following current security issues:
+
+- the project was founded by an incompetent monkey;
+- the author of the project lives in Russia;
+- the daemon runs with super-user privileges and has full access to all private memory of all processes and sensitive user data;
+- the daemon starts with increased priority and negative oom_score_adj;
+- the daemon is written in Python;
+- unit test code coverage is 0%;
+- the main way to handle low memory is to terminate processes;
+- the daemon does not forbid you to shoot yourself in the foot: with some settings, unwanted mass killings of processes can occur.
+- the daemon is not a panacea: there are no universal settings that reliably protect against all types of threats;
+- the draft code of conduct has not been adopted, so you may be offended.
+
 ## How to install
 
 #### To install on Fedora 30+: