- drop the bit about the local securenets file

1 files changed, 7 insertions, 5 deletions

diff --git a/doc/design.txt b/doc/design.txt
index 05f9130..ecff7ef 100644
--- a/doc/design.txt
+++ b/doc/design.txt
@@ -108,16 +108,18 @@ Because connected clients may not always transmit an entire request at
 once, and because the server may find itself unable to transmit an
 entire response at once, it buffers traffic for connected clients,
 multiplexing the work it does for all of its clients from inside of the
-thread.]  The actual protocol datagram parsing is performed by libnsl,
+thread.  The actual protocol datagram parsing is performed by libnsl,
 which is provided as a part of the C library.
 
 Client requests are limited by the local tcp_wrappers configuration on
 the directory server.
 
-[Unless explicitly disabled in the module's configuration or in a
- map's configuration, the local /etc/securenets file is consulted to
- control access to map information to specific clients.  The list of
- securenet entries can also be stored in the module or map.]
+Access control can be performed based on a client's address using
+"nis-plugin-securenet" settings in the module's configuration entry.
+If no values are specified, access is allowed to all clients.  If values
+in the form "netmask address" (for example, "255.0.0.0 127.0.0.0") are
+found, then access will only be allowed to clients on the designated
+networks.
 
 == Map Cache ==