Bug 12129 - in.tftpd runs as root
Summary: in.tftpd runs as root
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tftp   
(Show other bugs)
Version: 6.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bill Nottingham
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-06-12 13:36 UTC by Jarno Huuskonen
Modified: 2014-03-17 02:14 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-06-12 13:36:42 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Jarno Huuskonen 2000-06-12 13:36:41 UTC
in.tftpd runs as root from inetd, even though the man page says
that the program should run with the least privileged account and the
files have to be world readable. So it should be safe to
run in.tftpd as nobody (works for me).
(Note! I didn't investigate if in.tftpd drops priviledges if run as root)

-Jarno

PS. I changed the tftp line in /etc/inetd.conf to this:
tftp   dgram   udp     wait    nobody  /usr/sbin/tcpd  in.tftpd
                                ^^^

Comment 1 Pekka Savola 2000-08-02 05:13:22 UTC
tftpd runs as nobody in the latest rawhide (and RH70 beta) build.



Note You need to log in before you can comment on or make changes to this bug.