Comment 76 for bug 1415087

I agree this is at least a security hardening opportunity in Nova, and would be great to patch if someone is interested in writing that patch. However the decision to issue a security hinges on having a clearer explanation of _how_ this makes users of Nova vulnerable, and would still need the aforementioned patch (and would need to be the sort we could safely provide to users of supported stable release branches without introducing new configuration or backward-incompatible behavior changes).