Comment 3 for bug 2047686

Thanks for looking into this, Brian. I've switched the report to public now and tagged it as a potential hardening opportunity, class D (or possibly C1) in our taxonomy: https://security.openstack.org/vmt-process.html#report-taxonomy