I think the wording of the commit comment is actually slightly misleading. Network profiles are N1KV specific concept. It isn't so much the case that we are restricting them to close a security vulnerability as we are restricting them to better support multi-tenant cases from the plugin side. We added the logic to limit the scope of network profiles to be per-tenant from the plugin perspective by default. Additionally we included the config option to give the user the ability to relax this constraint and share profiles among all tenants for a particular deployment (avoiding the need to manually assign all tenants to all profiles).
I think the wording of the commit comment is actually slightly misleading. Network profiles are N1KV specific concept. It isn't so much the case that we are restricting them to close a security vulnerability as we are restricting them to better support multi-tenant cases from the plugin side. We added the logic to limit the scope of network profiles to be per-tenant from the plugin perspective by default. Additionally we included the config option to give the user the ability to relax this constraint and share profiles among all tenants for a particular deployment (avoiding the need to manually assign all tenants to all profiles).