ENGDOCS-2365 (#21728)

<!--Delete sections as needed -->

## Description

Small clarity addition. Addresses
https://github.com/docker/docs/issues/21151?reload=1

## Related issues or tickets

<!-- Related issues, pull requests, or Jira tickets -->

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Technical review
- [ ] Editorial review
- [ ] Product review

content/manuals/compose/how-tos/use-secrets.md

@@ -17,6 +17,8 @@ Environment variables are often available to all processes, and it can be diffic
 
 ## Use secrets
 
+Secrets are mounted as a file in `/run/secrets/<secret_name>` inside the container.
+
 Getting a secret into a container is a two-step process. First, define the secret using the [top-level secrets element in your Compose file](/reference/compose-file/secrets.md). Next, update your service definitions to reference the secrets they require with the [secrets attribute](/reference/compose-file/services.md#secrets). Compose grants access to secrets on a per-service basis.
 
 Unlike the other methods, this permits granular access control within a service container via standard filesystem permissions.

content/reference/compose-file/secrets.md

@@ -15,7 +15,7 @@ The top-level `secrets` declaration defines or references sensitive data that is
 application. The source of the secret is either `file` or `environment`.
 
 - `file`: The secret is created with the contents of the file at the specified path.
-- `environment`: The secret is created with the value of an environment variable. 
+- `environment`: The secret is created with the value of an environment variable on the host.
 
 ## Example 1