In message <199810271501.KAA20533@Twig.Rodents.Montreal.QC.CA>, der Mouse write
s:
>>>         if (mode != RRQ || !strncmp(filename, "../", 3))
>>>             return (EACCESS);
>
>Actually, it should be corrected by adding a note like "File names
>beginning with `../' are also disallowed except for read requests".

But that's only part of what the code does.  ANY write request for a 
file name that does not begin with the '/' character is disallowed,
including a plain filename with no directory components at all.

This is why I brought this up in the first place.  That behavior is
not in the FreeBSD tftpd, and I don't understand why it was added.
Presumably there's a good explanation, but it should be documented
correctly in the man page at least.