add a note about security concerns in Storable
Storable is not a great way to pass data back and forth across security
boundaries. We have discussed the security implications of the
auto-loading and auto-blessing behaviors in Storable in the past, both
on the perl5-porters mailing list and at various conferences. Somehow,
though, these "well-known" probably have never actually been put into
the documentation. This patch corrects that.
The original version of this patch included a recommendation to use
Sereal in its most stringent configuration, but that text was removed
for the time being by Ricardo Signes, who hopes to add it back once
Sereal has been in public use for just a bit longer.