Are Firebase security rules equivalent to allow/deny rules in meteor?

Firebase’s security rules seem an awful lot like meteor’s allow/deny rules. I was wondering if they imply the same security risks that come with meteor’s allow/deny sytem.

What are the allow/deny security risks?

To me it couldn’t be simpler, you explicitly define who’s allowed to read/write any piece of data and everyone else is denied.