Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 12129 - in.tftpd runs as root
in.tftpd runs as root
Product: Red Hat Linux
Classification: Retired
Component: tftp (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
Depends On:
  Show dependency treegraph
Reported: 2000-06-12 09:36 EDT by Jarno Huuskonen
Modified: 2014-03-16 22:14 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-06-12 09:36:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jarno Huuskonen 2000-06-12 09:36:41 EDT
in.tftpd runs as root from inetd, even though the man page says
that the program should run with the least privileged account and the
files have to be world readable. So it should be safe to
run in.tftpd as nobody (works for me).
(Note! I didn't investigate if in.tftpd drops priviledges if run as root)


PS. I changed the tftp line in /etc/inetd.conf to this:
tftp   dgram   udp     wait    nobody  /usr/sbin/tcpd  in.tftpd
Comment 1 Pekka Savola 2000-08-02 01:13:22 EDT
tftpd runs as nobody in the latest rawhide (and RH70 beta) build.

Note You need to log in before you can comment on or make changes to this bug.