diff --git a/kiss b/kiss
index dd3b6bd..fbd2ccb 100755
--- a/kiss
+++ b/kiss
@@ -84,6 +84,10 @@ root_cache() {
 # Validate the password now with a simple 'true' command as we
 # don't yet need to elevate permissions.
+ #
+ # Rather than checking if the '$pass' variable is non-empty,
+ # use an additional variable. The '[' command can be external
+ # which would result in '/proc' leakage.
 dosu /bin/true && have_pw=1
 }
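Review bot: The added comment names the risk only as "'/proc' leakage", which does not tell a later maintainer what is exposed or through which path. If the concern is that an external `[` would receive the password as an argument, readable by other local users through `/proc/PID/cmdline` or `ps`, the last comment line could say so: `# which would expose the password in its argument list ('/proc/PID/cmdline').` The same reasoning would apply to any other command handed `$pass` as an argument, so it is worth stating the rule in general terms here. How `dosu` passes the password is not visible in this hunk, since root_cache appears to begin above it and dosu is defined elsewhere.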