Clarify 'potential attack surface'

kubernetes · Sep 9, 2016 · aec885a · aec885a
1 parent 3f80030
commit aec885a
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/docs/admin/apparmor/index.md b/docs/admin/apparmor/index.md
@@ -4,8 +4,9 @@ assignees:
 
 ---
 
-AppArmor is a Linux kernel enhancement that can reduce the potential attack surface and provide
-greater defense in depth for Applications. Beta support for AppArmor was added in Kubernetes v1.4.
+AppArmor is a Linux kernel enhancement that can reduce the potential attack surface of an
+application and provide greater defense in depth for Applications. Beta support for AppArmor was
+added in Kubernetes v1.4.
 
 * TOC
 {:toc}
@@ -14,7 +15,7 @@ greater defense in depth for Applications. Beta support for AppArmor was added i
 
 AppArmor is a Linux kernel security module that supplements the standard Linux user and group based
 permissions to confine programs to a limited set of resources. AppArmor can be configured for any
-application to reduce the potential attack surface and provide greater defense in depth. It is
+application to reduce its potential attack surface and provide greater defense in depth. It is
 configured through profiles tuned to whitelist the access needed by a specific program or container,
 such as Linux capabilities, network access, file permissions, etc. Each profile can be run in either
 enforcing mode, which blocks access to disallowed resources, or complain mode, which only reports