Stuart Henderson <s...@spacehopper.org> wrote: > On 2020/04/07 09:01, Theo de Raadt wrote: > > This is horrible, as a user can fill the /var filesystem. > > they already can with /var/www/logs.
On my machines not running this software, they cannot cause any effect on that directory. The software utilization of 1% of machines should not create risk on the other 99% of machines. Regardless, we should be moving towards making /var over-utilization safer, rather than less safe.