I think the fact that this many projects (and possibly more) are doing a thing that can be *really* bad is worth at least an advisory, so deployers are aware. It's not uncommon (nor a bad idea) to run OpenStack services in debug mode, and many of the largest clouds do exactly this.
FWIW, ceilometer is a security supported project.
I think the fact that this many projects (and possibly more) are doing a thing that can be *really* bad is worth at least an advisory, so deployers are aware. It's not uncommon (nor a bad idea) to run OpenStack services in debug mode, and many of the largest clouds do exactly this.