2 files changed, 2 insertions, 2 deletions

diff --git a/runsc/config/config.go b/runsc/config/config.go
index b02d8e2e1..e9fd7708f 100644
--- a/runsc/config/config.go
+++ b/runsc/config/config.go
@@ -131,7 +131,7 @@ type Config struct {
 	NumNetworkChannels int `flag:"num-network-channels"`
 
 	// Rootless allows the sandbox to be started with a user that is not root.
-	// Defense is depth measures are weaker with rootless. Specifically, the
+	// Defense in depth measures are weaker in rootless mode. Specifically, the
 	// sandbox and Gofer process run as root inside a user namespace with root
 	// mapped to the caller's user.
 	Rootless bool `flag:"rootless"`
diff --git a/runsc/config/flags.go b/runsc/config/flags.go
index 13d8f1b25..02ab9255a 100644
--- a/runsc/config/flags.go
+++ b/runsc/config/flags.go
@@ -71,7 +71,7 @@ func RegisterFlags() {
 		flag.Bool("overlay", false, "wrap filesystem mounts with writable overlay. All modifications are stored in memory inside the sandbox.")
 		flag.Bool("overlayfs-stale-read", true, "assume root mount is an overlay filesystem")
 		flag.Bool("fsgofer-host-uds", false, "allow the gofer to mount Unix Domain Sockets.")
-		flag.Bool("vfs2", false, "TEST ONLY; use while VFSv2 is landing. This uses the new experimental VFS layer.")
+		flag.Bool("vfs2", false, "enables VFSv2. This uses the new VFS layer that is faster than the previous one.")
 		flag.Bool("fuse", false, "TEST ONLY; use while FUSE in VFSv2 is landing. This allows the use of the new experimental FUSE filesystem.")
 
 		// Flags that control sandbox runtime behavior: network related.