Comment 6 for bug 1284718

I think in the context of (a) the driver for a security issue would be if by direct attaching to the floating ip network, you could consume more ports than you would normally be able to consume floating ip's (as dictated by quota). This could cause some sort of potential DoS attach by consuming floating ips via a backdoor route. I've not confirmed whether this is the case or not.

Re b) - yes that does just sound like a bug.