Comment 5 for bug 1840895

Hi,

Thx for reporting this issue. Indeed it looks that with mentioned command user can automatically allocate all available vlan ids from db.
So it looks like quite serious issue. But from the other hand, provider network can be by default created only by admin user (see https://github.com/openstack/neutron/blob/master/neutron/conf/policies/network.py#L91) so I'm not sure if that is really serious security issue. Admin user should be aware of what he is doing in the cloud and such user in fact has also other potential possibilities to "break" something for users.