Comment 12 for bug 1254619

Yeah, I'm still not convinced this is actually exploitable, even by accident. It looks like the buggy user mapping would always end up in accidental access denying rather than accidental access allowance...

Alvaro: could you describe a scenario where this bug can be exploited for profit by an attacker ?