Add notes about avoiding root

3 files changed, 12 insertions, 0 deletions

diff --git a/README.markdown b/README.markdown
index b9d4dce..53a1375 100644
--- a/README.markdown
+++ b/README.markdown
@@ -21,6 +21,10 @@ intended to be called from `cron(8)`:
 I recommend you use [croncrypt](https://github.com/tejr/croncrypt), so you
 don't leak your network information in plain text in your email.
 
+Please also consider whether your scan actually requires root privileges, and
+could not instead be run by a dedicated user with appropriately limited
+privileges.
+
 License
 -------
 
diff --git a/bin/nwatch b/bin/nwatch
index 138b86d..6b176b6 100755
--- a/bin/nwatch
+++ b/bin/nwatch
@@ -16,6 +16,10 @@
 # I recommend you use croncrypt, so you don't leak your network information in
 # plain text in your email: <https://github.com/tejr/croncrypt>
 #
+# Please also consider whether your scan actually requires root privileges, and
+# could not instead be run by a dedicated user with appropriately limited
+# privileges.
+#
 # Author: Tom Ryder <tom@sanctum.geek.nz>
 # Copyright: 2014
 # License: GPLv2 (same as Nmap itself)
diff --git a/share/man/man1/nwatch.1 b/share/man/man1/nwatch.1
index 4481b44..d4a0e86 100644
--- a/share/man/man1/nwatch.1
+++ b/share/man/man1/nwatch.1
@@ -25,6 +25,10 @@ for running from cron(8):
 .PP
 I recommend you use croncrypt, so you don't leak your network information
 in plain text in your email: https://github.com/tejr/croncrypt
+.PP
+Please also consider whether your scan actually requires root privileges, and
+could not instead be run by a dedicated user with appropriately limited
+privileges.
 .SH SEE ALSO
 nmap(1), ndiff(1)
 .SH AUTHOR