Source: sec Version: 2.5.3-1+nmu1 Severity: critical Starting sec with /etc/default/sec untouched causes sec to write to syslog for example every time a rule creates a context. This may cause another context to get created. So sec wrote > 400GB syslog in 24h at my system making it unusable.
From the sec.pl manpage: "Warning: be careful with this option if you use SEC for monitoring syslog logfiles, because it might create message loops (SEC log messages are written to SEC input files that trigger new log messages)." Resolution: delete the "syslog=daemon" in /etc/default/sec
signature.asc
Description: OpenPGP digital signature
