Comment 4 for bug 1354208
Nathan Kinder (nkinder) wrote : Re: Catalog replacement allows reading config

The difficulty here is that we don't know how frequently this replacement/interpolation functionality is used, or how exactly it is being used.

For existing stable releases, we can certainly recommend that you don't delegate the ability to create endpoints to anyone other than the system admin. The problem is that some deployments may truly need to allow delegation of endpoint creation. In these cases, there is really no secure option to allow delegation of endpoint creation. Allowing a whitelist, or even having the ability to turn off the replacement/interpolation would at least give us a secure option for stable releases. These approaches are new configuration though, which is something we try to avoid for stable releases. It also requires getting the word out that configuration changes need to be made. It feels like we should do something for stable releases here.
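The two mitigations named in the comment above (a whitelist of substitutable keys, and a switch that turns substitution off), shown beside unrestricted substitution. This is an added example, not part of the original comment and not the project's code. The `%(name)s` template syntax, the key names, the `CONFIG` values and all function names are assumptions constructed for illustration.

```python
# Constructed sample data standing in for a service's configuration namespace.
CONFIG = {
    "public_port": 5000,
    "admin_port": 35357,
    "admin_token": "constructed-secret-token",  # must never reach a catalog URL
}

# Hypothetical whitelist: the only keys an endpoint template may reference.
ALLOWED_KEYS = frozenset({"public_port", "admin_port", "tenant_id", "user_id"})


def format_unrestricted(template, context):
    """'Before' behaviour: the template can reference any configuration value."""
    values = dict(CONFIG)
    values.update(context)
    return template % values


def format_restricted(template, context, substitution_enabled=True):
    """Substitute whitelisted keys only; return None for a rejected template."""
    if not substitution_enabled:
        # Substitution switched off: the stored URL is used literally.
        return template
    values = dict(CONFIG)
    values.update(context)
    safe = {k: v for k, v in values.items() if k in ALLOWED_KEYS}
    try:
        return template % safe
    except (KeyError, TypeError, ValueError):
        # KeyError: the template names a key outside the whitelist.
        # TypeError/ValueError: malformed format specifier.
        return None


if __name__ == "__main__":
    ctx = {"tenant_id": "t1"}
    benign = "http://host:%(public_port)s/v2/%(tenant_id)s"
    leaking = "http://host:%(public_port)s/%(admin_token)s"
    print(format_unrestricted(leaking, ctx))   # secret appears in the URL
    print(format_restricted(leaking, ctx))     # None: template rejected
    print(format_restricted(benign, ctx))      # normal endpoint URL
    print(format_restricted(leaking, ctx, substitution_enabled=False))
```

A rejected template returns `None` so the caller can drop that endpoint from the catalog and log it, rather than failing the whole catalog request.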