From bcd1e45ba7a133df612fc8f380781eb81e956097 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Mon, 18 Sep 2017 08:55:18 -0400
Subject: [PATCH] fix typo, add note about file permissions

---
 doc/faq.rst | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/doc/faq.rst b/doc/faq.rst
index 4bf2f477f..b0e8495aa 100644
--- a/doc/faq.rst
+++ b/doc/faq.rst
@@ -30,7 +30,7 @@ cause of this bug is not yet known.
 How can I specify encryption passwords automatically?
 -----------------------------------------------------
 
-When you run ``restict create``, you need to enter the passphrase on
+When you run ``restic backup``, you need to enter the passphrase on
 the console. This is not very convenient for automated backups, so you
 can also provide the password through the ``--password-file`` option
 or ``RESTIC_PASSWORD`` environment. A discussion is in progress over
@@ -43,6 +43,9 @@ implementing unattended backups happens in :issue:`533`.
                directly and they will be readable to all users on a
                system. Using export in a shell script file should be
                safe, however, as the environment of a process is
-               `accessible only to that user`_.
+               `accessible only to that user`_. Please make sure that
+               the permissions on the files where the password is
+               eventually stored are safe (e.g. `0600` and owned by
+               root).
 
 .. _accessible only to that user: https://security.stackexchange.com/questions/14000/environment-variable-accessibility-in-linux/14009#14009