diff --git a/mkdocs/docs/faq/technical_behavior_and_limitations.md b/mkdocs/docs/faq/technical_behavior_and_limitations.md
index 3d0b1fec..4e72225e 100644
--- a/mkdocs/docs/faq/technical_behavior_and_limitations.md
+++ b/mkdocs/docs/faq/technical_behavior_and_limitations.md
@@ -226,11 +226,12 @@ certain details about the request including the process ID (pid) of
 the requesting application, the process' effective user id (uid), and
 group id (gid).
 
-FUSE and the kernel have two ways of managing
-permissions. `default_permissions` and not. When default permissions
-is enabled the kernel will do the entitlement checks and only allow
-requests through which have been allowed. When not enabled it is the
-responsibility of the FUSE server, in this case mergerfs, to do that.
+FUSE and the kernel have two ways of managing permissions. A kernel
+side `default_permissions` option and leaving it to the FUSE
+server. When default permissions is enabled the kernel will do the
+entitlement checks and only allow requests through which have been
+allowed. When not enabled it is the responsibility of the FUSE server,
+in this case mergerfs, to do that.
 
 Prior to mergerfs v2.42.0 it would enable `default_permissions` but
 also leveraged the uid and gid available in each FUSE request. The