Index: head/en_US.ISO8859-1/books/handbook/security/chapter.xml
===================================================================
--- head/en_US.ISO8859-1/books/handbook/security/chapter.xml
+++ head/en_US.ISO8859-1/books/handbook/security/chapter.xml
@@ -3567,10 +3567,23 @@
       <para>Before using process accounting, it must be enabled using
 	the following commands:</para>
 
-      <screen>&prompt.root; <userinput>touch /var/account/acct</userinput>
-&prompt.root; <userinput>chmod 600 /var/account/acct</userinput>
-&prompt.root; <userinput>accton /var/account/acct</userinput>
-&prompt.root; <userinput>sysrc accounting_enable=yes</userinput></screen>
+      <screen>&prompt.root; <userinput>sysrc accounting_enable=yes</userinput>
+&prompt.root; <userinput>service accounting start</userinput></screen>
+
+      <para>The accounting information is stored in files located in
+	<filename>/var/account</filename>, which is automatically created,
+	if necessary, the first time the accounting service starts.
+	These files contain sensitive information, including all the
+	commands issued by all users.  Write access to the files is
+	limited to <systemitem class="username">root</systemitem>,
+	and read access is limited to <systemitem
+	  class="username">root</systemitem> and members of the
+	<systemitem class="groupname">wheel</systemitem> group.
+	To also prevent	members of <systemitem
+	  class="groupname">wheel</systemitem> from reading the files,
+	change the mode of the <filename>/var/account</filename>
+	directory to allow access only by <systemitem
+          class="username">root</systemitem>.</para>
 
       <para>Once enabled, accounting will begin to track information
 	such as <acronym>CPU</acronym> statistics and executed