I should probably add a grizzly-specific note explaining that we took this radical action in the patch.
Something like "Note: the patch for this vulnerability in Grizzly disables the ability to derive ec2 credentials from a trust, as there is no clean way in Grizzly to properly correlate the two." -- Feel free to suggest better wording to add to the description.
@Morgan: go for (1)
I should probably add a grizzly-specific note explaining that we took this radical action in the patch.
Something like "Note: the patch for this vulnerability in Grizzly disables the ability to derive ec2 credentials from a trust, as there is no clean way in Grizzly to properly correlate the two." -- Feel free to suggest better wording to add to the description.