diff --git a/man/sd_bus_creds_get_pid.xml b/man/sd_bus_creds_get_pid.xml
index 9e79d13cdd..a7690d5817 100644
--- a/man/sd_bus_creds_get_pid.xml
+++ b/man/sd_bus_creds_get_pid.xml
@@ -325,12 +325,14 @@
/proc/pid/task/tid/comm).
- sd_bus_creds_get_exe() will retrieve
- the path to the program executable (as stored in the
- /proc/pid/exe
- link, but with the (deleted) suffix removed). Note
- that kernel threads do not have an executable path, in which case
- -ENXIO is returned.
+ sd_bus_creds_get_exe() will retrieve the path to the program executable (as
+ stored in the /proc/pid/exe link, but with the
+ (deleted) suffix removed). Note that kernel threads do not have an executable path, in which
+ case -ENXIO is returned. Note that this property should not be used for more than explanatory
+ information, in particular it should not be used for security-relevant decisions. That's because the
+ executable might have been replaced or removed by the time the value can be processed. Moreover, the
+ kernel exports this information in an ambiguous way (i.e. a deleted executable cannot be safely
+ distinguished from one whose name suffix is (deleted).
sd_bus_creds_get_cmdline() will
retrieve an array of command line arguments (as stored in