Documentation suggestion

Co-authored-by: Felicity Chapman <[email protected]>

Author: egregius313

java/ql/src/Security/CWE/CWE-926/ContentProviderIncompletePermissions.qhelp

@@ -3,14 +3,12 @@
   "qhelp.dtd">
 <qhelp>
 <overview>
-<p>In the Android manifest file, an application's <code>provider</code> elements
-  define the permissions necessary to access a resource using that provider.
-  Permissions are specified with
+<p>The Android manifest file contains <code>provider</code> elements that you should use to specify the explicit permissions an application requires to access a resource using that provider. 
+  You specify the permissions using
   the <code>android:readPermission</code>, <code>android:writePermission</code>,
-  or <code>android:permission</code> attributes. If an application only
-  specifies the <code>android:readPermission</code>
-  or <code>android:writePermission</code> attribute, no permissions will be
-  required to do other operations.
+  or <code>android:permission</code> attributes. 
+If you do not specify the permission required to perform an operation, the application will implicitly have access to perform that operation.  
+  For example, if you specify only <code>android:readPermission</code>, the application must have explicit permission to read data, but requires no permission to write data.
 </p>
 
 </overview>