It becomes a big risk when someone has set up a firewall, but a user can access them via SSH Port Forwarding. Most people don't know about this. Maybe at least print out an information when debconf occurs, warning the user of the Port Forwarding risks?