Subject: bin/4637 - tftpd "secure" variable is irrelevant
To: None <firstname.lastname@example.org, email@example.com, firstname.lastname@example.org>
From: Alexis Rosen <email@example.com>
Date: 01/30/1999 15:40:14
firstname.lastname@example.org (Geoff Wing) wrote:
> This patch shouldn't go in as is. It should _definitely_ check the
> ``secure'' variable before allowing writes of this nature. There's
> been discussion about this before.
Checking "secure" would be pointless. If it's set, the chroot will have
already been done, and "/" will mean the top level of the chroot. There's
nothing wrong with this. Furthermore, you *still* have to pass access checks:
there must be a file of the same name in the chroot / that's world-writeable.
Looked at another way, any stricture you impose would be obviated simply
by the user asking to write to "/filename" instead of "filename". That's
not useful security.
Alexis Rosen Owner/Sysadmin,
PANIX Public Access Unix & Internet, NYC.