diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 2fd69f6912f..9e621b9aa30 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -2022,8 +2022,9 @@ BindReadOnlyPaths=/var/lib/systemd
/proc/sys/, /sys/, /proc/sysrq-trigger,
/proc/latency_stats, /proc/acpi,
/proc/timer_stats, /proc/fs and /proc/irq will
- be made read-only to all processes of the unit. Usually, tunable kernel variables should be initialized only at
- boot-time, for example with the
+ be made read-only and /proc/kallsyms as well as /proc/kcore will be
+ inaccessible to all processes of the unit.
+ Usually, tunable kernel variables should be initialized only at boot-time, for example with the
sysctl.d5 mechanism. Few
services need to write to these at runtime; it is hence recommended to turn this on for most services. For this
setting the same restrictions regarding mount propagation and privileges apply as for