diff --git a/README.md b/README.md
index f4d96024d..26f1593bb 100644
--- a/README.md
+++ b/README.md
@@ -88,6 +88,14 @@ You can build a binary (but not run it) with:
 
 The result can be found as `target/release/arti`.
 
+⚠ **Safety Note**: if you are using the default build options,
+the compiler will include filesystem path information in the
+binary that it generates.  If your path is sensitive (for example,
+because it includes your username), you will want to take steps
+to prevent this.  See [`doc/safer-build.md`](doc/safer-build.md)
+for more information.
+
+
 If you run into any trouble building the program, please have a
 look at [the troubleshooting guide](doc/TROUBLESHOOTING.md).
 
diff --git a/doc/safer-build.md b/doc/safer-build.md
new file mode 100644
index 000000000..16d4428de
--- /dev/null
+++ b/doc/safer-build.md
@@ -0,0 +1,55 @@
+# Safer build options
+
+By default,
+the Rust compiler includes your current path information
+in the binaries that it generates.
+This could be a problem if,
+for example, you are building from a path like
+`/home/FirstnameLastname/build/arti`
+and releasing binaries (or uploading backtraces)
+under a pseudonym
+that you do not want linked to `FirstnameLastname`.
+
+There is a good overview of the issues here at
+https://github.com/betrusted-io/xous-core/issues/57 .
+
+There are a couple of workarounds here.
+
+# Workaround one: reproducible build
+
+If you have Docker,
+you can run a reproducible build of Arti,
+so that the binary you make will be the same
+as a binary generated by anybody else.
+
+See the
+[`docker_reproducible_build`](../maint/docker_reproducible_build)
+script for more information.
+
+# Workaround two: RUSTFLAGS
+
+As a quick-and-dirty solution,
+you can use the `--remap-path-prefix` option
+to tell the Rust compiler
+to re-map your paths into anonymized ones.
+
+This is not a perfect solution;
+there are known issues under some configurations,
+particularly if you are linking to a static OpenSSL.
+
+Personally, I get good results from running:
+
+```
+RUSTFLAGS="--remap-path-prefix $HOME/.cargo=.cargo --remap-path-prefix $(pwd)=." \
+   cargo build --release -p arti
+```
+
+After you do this, you can use
+`strings target/release/arti | grep "$HOME"`
+to see if your home directory appears in the result.
+
+
+
+
+
+