Comment 19 for bug 1274034

Mostly going on Mark's comment about the "security tradeoffs" of shared networks, suggesting that this should be a known risk to most network-savvy deployers and so we ought to make sure it's clearly documented... I agree the result, for an unsuspecting operator, is fairly severe, however I think it's better to have these design discussions out in the open (for instance, the current patch proposed to solve this for Juno is blocked on lack of a blueprint and design specification).

If it turns out that this risk can be mitigated cleanly on stable branches, to the satisfaction of the stable maintainers and Neutron core reviewers alike, then it might be possible to revisit an advisory. In the meantime, visibly documenting this issue can only help improve the security of our user base so that operators who have not already can take preventative action.