From 46165dcf4ea2ff9fc0e229fedda9dea5069e8a89 Mon Sep 17 00:00:00 2001
From: Keith Nash <Spearfoot@users.noreply.github.com>
Date: Wed, 15 Sep 2021 14:24:27 -0500
Subject: [PATCH] Added security warning to the config scripts

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index 8bbf8b6..077c8fe 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,9 @@ You will need to edit the script and enter your email address before using it. Y
 
 Saves your TrueNAS/FreeNAS system configuration files to a dataset you specify, by creating a tarball containing the SQLite configuration database (_freenas-v1.db_) and password secret seed encryption file (_pwenc_secret_). The tarball is suitable for use in restoring the configuration on TrueNAS/FreeNAS systems.
 
+**!!! Security Warning !!!**
+> The system configuration and password secret seed encryption file are sensitive information and should be stored on a dataset available only to system administrators!
+
 The backup database and tarball filenames are formed from the hostname, complete TrueNAS/FreeNAS version, date, and _tar_ or _db_ extension, in this format: _hostname-version-date.extension_. Here are examples from a recent backup on my server named _brutus_:
 
 ```
@@ -86,6 +89,9 @@ Note that each invocation of the script creates these files in the configuration
 
 Saves your FreeNAS system configuration and password secret seed files to a dataset you specify, optionally sending you an email message containing these files in an encrypted tarball.
 
+**!!! Security Warning !!!**
+> The system configuration and password secret seed encryption file are sensitive information and should be stored on a dataset available only to system administrators!
+
 Supports the versions of FreeNAS which use an SQLite-based configuration file: these include FreeNAS 9.x-12.x, and probably earlier versions as well. 
 
 The backup configuration filenames are formed from the hostname, complete FreeNAS version, and date, in this format: _hostname-freenas_version-date.db_. Here is an example from a recent backup on my server named _bandit_: