From 8f2ec75f8173b6ab970a5ef213dcf5a3f67aa84a Mon Sep 17 00:00:00 2001
From: Raja Grewal <rg_public@proton.me>
Date: Sat, 13 Jul 2024 23:30:55 +1000
Subject: [PATCH] Clarify README.mmd relating to module disabling

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 114b90c..668b793 100644
--- a/README.md
+++ b/README.md
@@ -143,7 +143,8 @@ modules from automatically starting.
 Specific kernel modules are entirely disabled to reduce attack surface via
 `/etc/modprobe.d/30_security-misc_disable.conf`. Disabling prohibits kernel
 modules from starting. This approach should not be considered comprehensive,
-rather it is a form of badness enumeration.
+rather it is a form of badness enumeration. Any potential candidates for future
+disabling should first be blacklisted for a suitable amount of time.
 
 -   File Systems: Disable uncommon and legacy file systems.