> At Tue, 25 Feb 2003 05:24:32 +0000 (UTC), Alex wrote:
> > I'd like to add a workaround for this bug to tftpd.  The
> > workaround checks whether a filename that fails to stat ends
> > with an 0xff, and if so, lops the last character off the
> > filename, and tries again with the new name.  
> 
> IMO, this deserves an option, and not to be on by default.
> 
> (if i'm setting up a TFTP server, unless i enable otherwise, _really_
> i only want it to allow access to the files that specifically enabled.
> the manual page should say something about what the option is for of
> course.)

As a workaday sysadmin, I reach the opposite conclusion for much
the same reasons.  If I enable a file, /tfptboot/bootfile, on my
tftp server and tell a client to boot from it, that's what I want
to happen.  The only way this workaround will cause a client to
boot from /tftpboot/bootfile is if that's the file it was told to
boot from *and* it instead requested /tftpboot/bootfile0xff *and*
there is not also a valid /tftpboot/bootfile0xff on the server.

There is no circumstance in which the workaround will give access
to a file the user did not intend:  it in fact preserves the
user's intention.  I think it would have little or no utility to
put this workaround in as an option --- more likely than not,
sysadmins wouldn't notice the option until they'd already
groveled through the tcpdump output and figured out they can fix
the problem by appending an 0xff to the filename on the server.

---Alex