Comment 2 for bug 451893

Hi Marc,

I'm wondering why you removed the security vulnerability flag. This causes a denial of service for at least MTA software and probably any other software that relies on /var or / not being full.

PulseAudio is opening /dev/snd/timer until its maximum number of open files is reached. At that point. PulseAudio logs the same two messages until /var/log's available space is full. This causes subsequent log messages to be lost, and provides opportunities for several security-related events to occur without even a remote chance of detection. Furthermore, it causes the failure of MTA software even if /var/mail is _not_ full.