libapparmor: Remove incorrect statement in aa_change_profile man page

The statement was meant to convey the difference between aa_change_hat()
and aa_change_profile(). Unfortunately, it read as if there was
something preventing a program from using aa_change_profile() twice to
move from profile A to profile B and back to profile A, even if profiles
A and B contained the necessary rules.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Seth Arnold <seth.arnold@canonical.com>
Acked-by: Christian Boltz <apparmor@cboltz.de>

libraries/libapparmor/doc/aa_change_profile.pod

@@ -40,14 +40,13 @@ An AppArmor profile applies to an executable program; if a portion of
 the program needs different access permissions than other portions,
 the program can "change profile" to a different profile. To change into a
 new profile, it can use the aa_change_profile() function to do so. It passes
-in a pointer to the I<profile> to transition to. Transitioning to another
-profile via aa_change_profile() is permanent and the process is not
-permitted to transition back to the original profile. Confined programs
-wanting to use aa_change_profile() need to have rules permitting changing
-to the named profile. See apparmor.d(8) for details.
+in a pointer to the I<profile> to transition to. Confined programs wanting to
+use aa_change_profile() need to have rules permitting changing to the named
+profile. See apparmor.d(8) for details.
 
 If a program wants to return out of the current profile to the
-original profile, it should use aa_change_hat(2) instead.
+original profile, it may use aa_change_hat(2). Otherwise, the two profiles must
+have rules permitting changing between the two profiles.
 
 Open file descriptors are not remediated after a call to aa_change_profile()
 so the calling program must close(2) open file descriptors to ensure they