tftpd and paths...

Dustin Mollo dustin at sonic.net
Mon Sep 6 20:48:28 PDT 1999


On Mon, Sep 06, 1999 at 08:40:53PM -0700, Mike wrote:
> Yeah,
> 
> It would be bad for security if anyone could tftp any file from your box
> without authentication. If you actually DID serve from the "/" root of
> your machine, this could allow them to grab your /etc/passwd file.
> Locate, or check to see if your tftp daemon supports a "chroot" to a new
> directory. The common one used by tftp in slackware and debian (probably
> RH) is /boot
> 
> That is where they often locate kernels, and special boot images for
> network booting machines that are diskless (etc.)
> 
> See if you can tell tftp that its root directory is "/boot" or some other
> location where you wish to serve files...

Right.  That's what the tftpd that comes with RH does by default.  I'm aware
of its built-in security restrictions, but it makes sense to me for the
daemon to accept / as being the root of the chroot'd directory tree.  I
don't see why it doesn't allow it.  Oh well.  By default, it uses /tftpboot
(the Sun "standard").  You can only pass one argument to the daemon and
that's the directory you'd like it to serve files from.

I'm afraid what I'm really running up against is the brain-dead boot monitor
that insists on thinking it's smarter than I am and putting a slash in there
when I don't want one :)

> If you find that their tftpd does not work as you wish, there are 3 tftp
> daemons that I have found in the past with different security.. try one of
> those. (One or two were found at sunsite....)

That's what I'm afraid I'm going to have to end up doing.  I'll go poke
around some tomorrow.  I assume they live under ~Linux/system/Network or
something similar.

Thanks, Mike!

-Dustin

--
Founder & President
The North Bay Linux Users' Group
http://www.nblug.org/
dustin at nblug.org
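
The restriction discussed in this thread, as an added illustration that is not part of the original message and is not the code of any tftpd mentioned in it: a request filename is confined to the served directory, and a leading slash sent by the client is treated as relative to that directory, the way it would be under a chroot. The function name `resolve_request` and the sample directory layout are hypothetical.

```python
import os
import tempfile


def resolve_request(root, requested):
    """Map a TFTP request filename to a regular file under root, else None."""
    if not requested or "\x00" in requested:
        return None
    root_real = os.path.realpath(root)
    # chroot-like semantics: "/vmlinuz" and "vmlinuz" both mean <root>/vmlinuz,
    # so a client that always prepends a slash still stays inside the root.
    rel = requested.lstrip("/")
    if not rel:
        return None
    # realpath collapses ".." and follows symlinks before the containment check.
    candidate = os.path.realpath(os.path.join(root_real, rel))
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None
    return candidate if os.path.isfile(candidate) else None


if __name__ == "__main__":
    # Constructed sample tree: a served directory plus a file outside it.
    base = tempfile.mkdtemp()
    root = os.path.join(base, "tftpboot")
    os.mkdir(root)
    for path in (os.path.join(root, "vmlinuz"), os.path.join(base, "passwd")):
        with open(path, "w") as fh:
            fh.write("sample\n")
    os.symlink(os.path.join(base, "passwd"), os.path.join(root, "link"))
    for name in ("vmlinuz", "/vmlinuz", "../passwd", "/../passwd", "link"):
        print(repr(name), "->", resolve_request(root, name))
```

A path check like this is a second layer only: it is racy if the served tree can be modified between the check and the open, which is why daemons also chroot and drop privileges.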


