There should be a 'security audit' of DC, where one investigates problems and their (potential) overcomings.
Bug watches keep track of this bug in other bug trackers.