Comment 8 for bug 1506116

To summarize, this bug allows a someone to confirm the existence of a container with no ACL but web-listing true, it doesn't actually provide a means to find containers (short of randomly guessing) nor disclose any contents? If so, this seems more like a security hardening opportunity than something for which we'd issue a security advisory.