Date: Mon, 1 Apr 1996 01:38:04 -3830 (CST) From: Michael Smith <msmith@atrad.adelaide.edu.au> To: taob@io.org (Brian Tao) Cc: msmith@atrad.adelaide.edu.au, regnauld@tetard.frmug.fr.net, hackers@FreeBSD.ORG Subject: Re: Howto: Sun 3's as X Terminal Message-ID: <199603311608.BAA29575@genesis.atrad.adelaide.edu.au> In-Reply-To: <Pine.NEB.3.92.960331093219.29121B-100000@zap.io.org> from "Brian Tao" at Mar 31, 96 09:50:59 am
next in thread | previous in thread | raw e-mail | index | archive | help
Brian Tao stands accused of saying: > > > > lovely:~>grep tftp /etc/inetd.conf > > tftp dgram udp wait nobody /usr/libexec/tftpd tftpd > > > > ... and I have a diskless Sun 3/60 and a Labtam MT200 booting off this > > system. > > Where is your tftpd file hierarchy anchored? I always use /. > /tftpboot, but I don't see any default hierarcy set from the source. /tftpboot is traditional; many clients will search there as well. > I assume that your entire filesystem is accessible via tftp in that > case since the code does not check for access restrictions. Inasmuch as tftpd runs as 'nobody', yes, the system is "wide open". Given that tftpd has no means for returning the contents of a directory, I don't consider it a major problem. I don't have anything to hide anyway 8) > How about adding an optional argument to tftpd that will be passed > to chroot()? As with the Solaris '-s' option? Probably a worthwhile addition for sites where security is an issue. > Brian Tao (BT300, taob@io.org) -- ]] Mike Smith, Software Engineer msmith@atrad.adelaide.edu.au [[ ]] Genesis Software genesis@atrad.adelaide.edu.au [[ ]] High-speed data acquisition and (GSM mobile) 0411-222-496 [[ ]] realtime instrument control (ph/fax) +61-8-267-3039 [[ ]] Collector of old Unix hardware. "Where are your PEZ?" The Tick [[
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199603311608.BAA29575>