Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Nov 1999 22:34:42 +0100
From:      "Niels Chr. Bank-Pedersen" <ncbp@bank-pedersen.dk>
To:        freebsd-questions@FreeBSD.ORG, Richard Cotrina <rcc@demo.telefonica.com.pe>
Subject:   Re: tftpd put error message
Message-ID:  <19991129223442.B11668@bank-pedersen.dk>
In-Reply-To: <006a01bf3aae$e509f9e0$4d01190a@tp.com.pe>; from rcc@demo.telefonica.com.pe on Mon, Nov 29, 1999 at 04:15:42PM -0500
References:  <001f01bf3a78$46b7f250$4d01190a@tp.com.pe> <006a01bf3aae$e509f9e0$4d01190a@tp.com.pe>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 29, 1999 at 04:15:42PM -0500, Richard Cotrina wrote:
> Hi again:
> 
> Well, after a carefully reading, I found that tftp only write in its
> directory over existing files.

Actually, this behaviour is caused by security considerations in the
daemonprocess tftpd(8):

 The use of tftp(1) does not require an account or password on the remote
 system.  Due to the lack of authentication information, tftpd will allow
 only publicly readable files to be accessed.  Files containing the string
 ``/../'' or starting with ``../'' are not allowed.  Files may be written
 only if they already exist and are publicly writable.  Note that this ex-
 tends the concept of ``public'' to include all users on all hosts that
 can be reached through the network; this may not be appropriate on all
 systems, and its implications should be considered before enabling tftp
 service.  The server should have the user ID with the lowest possible
 privilege.

> Before the "put" command , I had to create a blank file in the tftpboot
> directory.
> 
> $cd /tftpboot
> $ touch file.c
> $ cd /tmp ; ls
> file.c
> $ tftp locahost
> tftp> put file.c
> Sent 25 bytes in 0.5 seconds
> 
> Is this a normal tftp behaviour ?

Yup, its all in the manpage.

> Richard


/Niels Chr.

-- 
 Niels Christian Bank-Pedersen, NCB1-RIPE.
 Network Manager, Tele Danmark NET, IP-section.

 "Hey, are any of you guys out there actually *using* RFC 2549?"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991129223442.B11668>