1 files changed, 6 insertions, 3 deletions

diff --git a/start-stop-daemon.8 b/start-stop-daemon.8
index 4723596..b6513ce 100644
--- a/start-stop-daemon.8
+++ b/start-stop-daemon.8
@@ -122,11 +122,14 @@ Note: using this matching option alone might cause unintended processes to
 be acted on, if the old process terminated without being able to remove the
 \fIpid-file\fP.
 .IP
-\fBWarning:\fP Using this match option alone with a daemon that writes the
-pidfile as an unprivileged user is a security risk, because if the daemon
-gets compromised the contents of the pidfile cannot be trusted, and then
+\fBWarning:\fP using this match option with a world-writable pidfile or using
+it alone with a daemon that writes the pidfile as an unprivileged (non-root)
+user will be refused with an error (since version 1.19.3) as this is a
+security risk, because either any user can write to it, or if the daemon
+gets compromised, the contents of the pidfile cannot be trusted, and then
 a privileged runner (such as an init script executed as root) would end up
 acting on any system process.
+Using \fI/dev/null\fP is excempt from these checks.
 .TP
 .BR \-x ", " \-\-exec " \fIexecutable\fP"
 Check for processes that are instances of this \fIexecutable\fP. The