Comment 1 for bug 1996457

After discussing this report with one of the Keystone core reviewers, I'm fairly confident this bug report is a help request and not disclosing an actual security vulnerability, so I've switched it to public now.