# security group creation adds unrestricted egress rules by default?

Can you help me understand why when a new (blank) security group is created, unrestricted egress rules are automatically added by default?

$neutron security-group-create TEST$ neutron security-group-rule-list | grep 'TEST\|id'
| id             | security_group | direction | ethertype | protocol/port | remote          |
| ccbcc5e5...794 | TEST           | egress    | IPv6      | any           | any             |
| fc1b9168...92f | TEST           | egress    | IPv4      | any           | any             |


I'm probably missing something (apologies if so) but since these rules are also present on the 'default' security group, this would seems redundant at best and potentially dangerous at worst: in case the tenant is trying to restrict egress traffic, they need to remember to delete these default rules whenever they create a new SG?