Bug 12129
| Summary: | in.tftpd runs as root | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Jarno Huuskonen <jarno.huuskonen> |
| Component: | tftp | Assignee: | Bill Nottingham <notting> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2 | CC: | rvokal |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2000-06-12 13:36:42 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
tftpd runs as nobody in the latest rawhide (and RH70 beta) build. |
in.tftpd runs as root from inetd, even though the man page says that the program should run with the least privileged account and the files have to be world readable. So it should be safe to run in.tftpd as nobody (works for me). (Note! I didn't investigate if in.tftpd drops priviledges if run as root) -Jarno PS. I changed the tftp line in /etc/inetd.conf to this: tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd ^^^