Date: Tue, 16 Apr 1996 09:00:03 -0700 (PDT) From: Bill Fenner <fenner@parc.xerox.com> To: freebsd-bugs Subject: Re: bin/1145: tftpd should support -s Message-ID: <199604161600.JAA20979@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/1145; it has been noted by GNATS.
From: Bill Fenner <fenner@parc.xerox.com>
To: imp@village.org
Cc: FreeBSD-gnats-submit@freebsd.org, fenner@parc.xerox.com
Subject: Re: bin/1145: tftpd should support -s
Date: Tue, 16 Apr 1996 08:53:26 PDT
In message <199604160009.SAA02721@rover.village.org>you write:
>+ setuid( 32767 ); /* Revert to running as nobody */
Careful! On my FreeBSD boxes, nobody is uid 65534. I think what you really
want to do is
if ((nobody = getpwnam("nobody")) == NULL) {
syslog(LOG_ERROR, "nobody: no such user");
exit(1);
}
setuid(nobody->pw_uid);
>+ syslog(LOG_WARNING, "Access to theentire system graned");
I'm not sure that logging a warning is the right thing to do; this opens the
door for logfile spamming. How about just failing to run if no path arguments
are specified, and requiring an explicit "/" argument to allow granting access
to the entire system?
Bill
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199604161600.JAA20979>