The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #302 [tftpd] (1 message, 538 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/302.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Steve Schoch <schoch@trident.arc.nasa.gov>
To: phage
Date: Sun 19:23:30 27/11/1988 EST
Subject: tftpd
References: [Thread Prev: 306] [Thread Next: 304] [Message Prev: 301] [Message Next: 303]

> 		"A fourth alternative is to hack tftp to do a chroot call, and
> 		 put the (limited) set of files you allow to be copied in the
> 		 restricted directory.  This is similar to the technique used
> 		 with ftp.  It too requires source code.

If you run tftp from /etc/inetd.conf and don't want it to run as root,
you can simply refuse any requests with a '/' in the path name.  If you
can think of a way around that, let me know about it (and send me the
password file from this machine).

We have just these files in /tftpboot:

80668053, boot.hex, mon.exe

		Steve

END OF DOCUMENT