From 2ef32f75c77ac27e0de8b0bd02bac604f79d1bf9 Mon Sep 17 00:00:00 2001 From: qoijjj <129108030+qoijjj@users.noreply.github.com> Date: Wed, 13 Mar 2024 16:35:15 -0700 Subject: [PATCH] docs: improve readability --- POSTINSTALL-README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/POSTINSTALL-README.md b/POSTINSTALL-README.md index 81a665c..bf84a7e 100644 --- a/POSTINSTALL-README.md +++ b/POSTINSTALL-README.md @@ -33,7 +33,7 @@ If you wish to password-protect booting existing entries, you can add the `grub_ ## Create a separate wheel account for admin purposes -Creating a dedicated wheel user and removing wheel from your primary user helps prevent certain attack vectors: +Creating a dedicated wheel user and removing wheel from your primary user helps prevent certain attack vectors, like: - https://www.kicksecure.com/wiki/Dev/Strong_Linux_User_Account_Isolation#LD_PRELOAD - https://www.kicksecure.com/wiki/Root#Prevent_Malware_from_Sniffing_the_Root_Password @@ -50,9 +50,9 @@ When not in the wheel group, a user can be added to a dedicated group, otherwise - use `adb` and `fastboot`: `plugdev` - use systemwide flatpaks: `flatpak` -Be aware that granting these permissions will increase attack surface, so keep them as minimal as possible. Some actions don't have an associated group yet, you can create your own rules and groups to fix this. +Some actions don't have an associated group yet, you can create your own rules and groups to fix this. -**Example**: Use LUKS encrypted backup drives +**Example**: To allow a non-wheel user to use LUKS encrypted external drives: 1. `sudo groupadd diskadmin` 2. `sudo usermod -aG diskadmin {your username here}`
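Review bot: In the first hunk (POSTINSTALL-README.md, around line 36), the reworded sentence "helps prevent certain attack vectors, like:" still leads into two bare Kicksecure URLs, so a reader cannot tell which vectors are meant without following the links. Consider giving each link a short label taken from its anchor, for example "LD_PRELOAD" and "Prevent malware from sniffing the root password". "such as" also reads better than ", like" in documentation.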
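Review bot: The second hunk (around line 53) deletes the sentence "Be aware that granting these permissions will increase attack surface, so keep them as minimal as possible." without replacing it, which is a content change rather than a readability change and drops the caveat attached to the group list above it. Suggest keeping that sentence as its own paragraph, or stating the removal and its reason in the commit message instead of "docs: improve readability". The retained line "Some actions don't have an associated group yet, you can create your own rules and groups to fix this." is a comma splice and could be split into two sentences while it is being touched. The example title also changes "backup drives" to "external drives", so confirm that the numbered steps that follow apply to external drives in general.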