On Sun, Dec 9, 2012 at 3:31 PM, Ivo De Decker <ivo.dedec...@ugent.be> wrote:
> Control: severity -1 important
>
> Hi,
>
> On Tue, Nov 27, 2012 at 12:23:31PM +0100, Florian Gleixner wrote:
> > Source: sec
> > Version: 2.5.3-1+nmu1
> > Severity: critical
> >
> > Starting sec with /etc/default/sec untouched causes sec to write to
> > syslog for example every time a rule creates a context. This may cause
> > another context to get created. So sec wrote > 400GB syslog in 24h at my
> > system making it unusable.
>
> I'm downgrading this bug:
>
> The package doesn't create any rules. It doesn't start by default and it
> doesn't create /etc/sec.conf (which is used in /etc/default/sec and needed for
> sec to run). It doesn't even provide an example sec.conf. So if you want to
> use it, you have to read the documentation and create the configuration
> yourself. If you do that in a way that creates a problem, that might be a bug,
> but not a critical one.

I do admit here that the default configuration does give a gun pointed
straight at the foot. However, at the moment there's no clear way with sec to
filter or detect loops, which makes robust defaults hard to build. A single-shot
loop test at startup would be better than anything. I'll have to investigate
the options.

This is one of the reasons why there's no sec.conf by default.

--j