From 5de27a7fe6b7a0b96c648a5f0f1160924b4a973c Mon Sep 17 00:00:00 2001 From: Orsiris de Jong Date: Fri, 29 Dec 2023 12:45:23 +0100 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 2dc4357..5603855 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -17,4 +17,9 @@ Password command is also not logged. Partially covered with password_command feature. We should have a central password server that holds repo passwords, so password is never actually stored in config. -This will prevent local backups, so we need to think of a better zero knowledge strategy here. \ No newline at end of file +This will prevent local backups, so we need to think of a better zero knowledge strategy here. + +# NPF-SEC-00005: Viewer mode can bypass permissions + +Since viewer mode requires actual knowledge of repo URI and repo password, there's no need to manage local permissions. +Viewer mode permissions are set to "restore". \ No newline at end of file
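Review bot: The new NPF-SEC-00005 entry has a heading that reads as an open finding ("Viewer mode can bypass permissions"), while its two body lines argue that no permission management is needed, so a reader cannot tell whether this is an accepted risk or a design decision. Suggest stating the status explicitly and spelling out the assumption behind "requires actual knowledge of repo URI and repo password". The context lines above note that the password can still be stored in config, so the entry should say whether viewer mode only accepts credentials supplied by the user or can also read them from an existing config. It would also help to say what the "restore" permission allows and excludes, since the entry relies on it as the limiting control. Minor: the file still ends without a trailing newline after `Viewer mode permissions are set to "restore".`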