diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_dbus.conf b/usr/lib/permission-hardener.d/25_default_whitelist_dbus.conf
index d6aadc9..4b455ae 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_dbus.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_dbus.conf
@@ -5,4 +5,12 @@
 ## "/usr/local/etc/permission-hardener.d/20_user.conf" for your custom
 ## configuration. When security-misc is updated, this file may be overwritten.
 
+## Needed for D-Bus system activation to work.
+## https://dbus.freedesktop.org/doc/system-activation.txt
+##
+## May be vital for desktop features to work normally.
+##
+## Appears to have been designed with security in mind and can only be called
+## by root or a user in the `messagebus` group (which currently has one member,
+## namely user `messagebus`).
 dbus-daemon-launch-helper matchwhitelist