From owner-freebsd-stable Tue Jun 11 13:56:47 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.inoc.net (mx1.inoc.net [64.246.131.30]) by hub.freebsd.org (Postfix) with ESMTP id 7948F37B412 for ; Tue, 11 Jun 2002 13:56:41 -0700 (PDT) Received: from nimbus (unverified [10.0.0.111]) by mx1.inoc.net (Vircom SMTPRS 5.2.204) with ESMTP id ; Tue, 11 Jun 2002 16:36:43 -0400 From: "Robert Blayzor" To: "'Mike Hoskins'" Cc: Subject: RE: Problem in tftpd Date: Tue, 11 Jun 2002 16:36:43 -0400 Organization: INOC, LLC Message-ID: <004601c21187$b2c29930$6f00000a@z0.inoc.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 In-Reply-To: <20020611124406.J612-100000@snafu.adept.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG You are correct thanks. I've read this before but was more concerned about other users trolling through the FTP root and not reading files they are not supposed to. I mean, sure they can read them if they know the exact path and filename via tftp, which isn't critical. I managed to just turn off the world readable permissions one directory up which will prevent users on the system from going into the root and looking around. Thanks again for pointing this out. -- Robert Blayzor, BOFH INOC, LLC rblayzor@inoc.net I came, I saw, I deleted all your files. > -----Original Message----- > From: Mike Hoskins [mailto:mike@adept.org] > Sent: Tuesday, June 11, 2002 3:45 PM > To: Robert Blayzor > Cc: freebsd-stable@freebsd.org > Subject: Re: Problem in tftpd > > > On Tue, 11 Jun 2002, Robert Blayzor wrote: > > > I'm running into a problem with tftpd. The problem is that when I > > specify a user to run tftp, say user "ftp", tftpd can't > read any files > > in the root unless they are world readable. > > Is this a problem? From tftpd(8), > > "The use of tftp(1) does not require an account or password on the > remote system. Due to the lack of authentication information, tftpd > will allow only publicly readable files to be accessed." > > Later, > -Mike > > -- > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." --Benjamin Franklin > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message