Subject: sun-lamp CVS commits
To: None <firstname.lastname@example.org>
From: The Source of All Evil <source@NetBSD.ORG>
Date: 06/04/1995 16:50:02
Sun Jun 4 16:48:24 EDT 1995
Update of /a/cvsroot/src/libexec/tftpd
In directory pain.lcs.mit.edu:/b/tmp/cvs-serv9230
The tftpd daemon must be invoked as root in order for the chroot()
call to succeed, and must give up those privledges as soon as the new
root has been aquired. Use setgid() & setuid() to explicitly set the
user and group IDs to non- priveleged values.
This change now requires tftpd to be executed by root. I haven't
studied the security implications of making it setuid root, so
inetd.conf needs to be changed to start it as root.