Subject: Re: tftpd: writing files with relative pathnames?
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Michael K. Sanders <firstname.lastname@example.org>
Date: 10/27/1998 12:02:12
In message <199810271501.KAA20533@Twig.Rodents.Montreal.QC.CA>, der Mouse write
>>> if (mode != RRQ || !strncmp(filename, "../", 3))
>>> return (EACCESS);
>Actually, it should be corrected by adding a note like "File names
>beginning with `../' are also disallowed except for read requests".
But that's only part of what the code does. ANY write request for a
file name that does not begin with the '/' character is disallowed,
including a plain filename with no directory components at all.
This is why I brought this up in the first place. That behavior is
not in the FreeBSD tftpd, and I don't understand why it was added.
Presumably there's a good explanation, but it should be documented
correctly in the man page at least.