Update unprivileged_userns_restriction

unprivileged_userns_restriction.md

@@ -1,6 +1,6 @@
 # Introduction
 
-unconfined processes with capability MAC_OVERRIDE will 
+unconfined processes with capability SYS_ADMIN will 
 
 unprivileged_userns_clone
 
@@ -11,15 +11,18 @@ cat /proc/sys/kernel/unprivileged_userns_clone
 
 # Discovering if your kernel supports restrictions on unprivileged user namespaces
 
-Kernel support for restricting unprivileged user namespaces 
+There are two ways to determine if your Kernel has support for restricting unprivileged user namespaces 
 
-## proc
+## Looking in /proc
+
+If the file
 
 ```
-    $ sudo cat /proc/sys/kernel/apparmor_restrict_unprivileged_userns
-    0
+    /proc/sys/kernel/apparmor_restrict_unprivileged_userns
 ```
 
+exists your kernel supports restrictions on unprivileged user namespaces
+
 ## apparmor
 
 The presence of AppArmor's ability to control user namespaces can also be found by introspecting AppArmor's advertised feature set via the following command
@@ -46,6 +49,10 @@ apparmor_restrict_unprivileged_userns
 
 ## Setting at runtime
 
+```
+    $ sudo cat /proc/sys/kernel/apparmor_restrict_unprivileged_userns
+    0
+```
 
 ##