Bug 100921 - [patch] tftpd(8): libexec/tftpd: `-w' non-traditional access control
Summary: [patch] tftpd(8): libexec/tftpd: `-w' non-traditional access control
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 6.1-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-07-27 17:00 UTC by Auster
Modified: 2018-08-22 16:14 UTC (History)
2 users (show)

See Also:


Attachments
file.diff (1.24 KB, patch)
2006-07-27 17:00 UTC, Auster
no flags Details | Diff
file.diff (2.95 KB, patch)
2006-07-27 17:00 UTC, Auster
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Auster 2006-07-27 17:00:36 UTC
Partially non-traditional(2) tftp write access control:
  tftpd(8):
  (1) files may be written only if they already exist and are publicly writable.

  (2)	-w	Allow writes requests to create new files.  By default tftpd
		requires that the file specified in a write request exist.


Condition: `-w' allow writes requests to create new files.

Summary, creation new files:
absolute filenames - incorrect
relative filenames - correct

Fix: for example: variants (1), (2), and (3).


variant (1):
  tftpd(8) manual correction only:

	-w	Allow writes requests to create new files.  By default tftpd
		requires that the file specified in a write request exist.
+		File creation are allowed for relative file names only.




variant (2):
  small code correction (create request w/ absolute file names):

variant (3):
  non-traditional read/write access control:

tftpd(8):
-	-w	Allow writes requests to create new files.  By default tftpd
-		requires that the file specified in a write request exist.
+	-w	Offers a non-traditional (for tftp) access control, which
+		will allows to read, write, and create files, with credentials
+		to tftpd ``user'' (default ``nobody'') only.
How-To-Repeat: 
~# grep '^tftp' /etc/inetd.conf
tftp	dgram	udp	wait	root	/usr/libexec/tftpd	tftpd -l -w -s /spool/tftp

~# touch a
~# mkdir /spool/tftp/1
~# chown nobody:nogroup /spool/tftp/1
~# chmod 755 /spool/tftp/1
~# rm -f /spool/tftp/1/a
~# tftp localhost
tftp| put a /1/a
Error code 1: File not found
  ! error - incorrect (for `tftpd -w')
tftp| put a 1/a
  ! no error - correct (for `tftpd -w')
Comment 1 Edwin Groothuis freebsd_committer 2007-10-08 09:23:12 UTC
Responsible Changed
From-To: freebsd-bugs->edwin

I'm interested in TFTP
Comment 2 Edwin Groothuis freebsd_committer 2008-02-14 10:34:20 UTC
Responsible Changed
From-To: edwin->freebsd-bugs


Give back into the pool until later.
Comment 3 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:00:12 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped
Comment 4 Alan Somers freebsd_committer 2018-08-22 16:14:23 UTC
Still an issue on FreeBSD 12.