Re: [api-sig][neutron] Question on oslo policy assertion when supplied attribute equals the default

this change might give a lower privileged user (eg a user who cannot specify "ha") the ability to sniff around for the defaults,

This was the only thing I could think of.

but i'm not sure if that information represents a security risk in this case.

Because they could also find that out by looking at the source code? efried .