lekash@WILBUR.ARPA (John Lekashman) (01/23/87)
We noted there was no directory protection from tftp on 4.3BSD vaxes. (At least ours) so here are a few lines of change in /usr/src/etc/tftpd/tftpd.c If you only have a binary, I'll go put a copy of ours in public ftp from orville.arpa. john 232,234c232 < int fd,deflist = 0; < FILE *flist ; < char s[1000]; --- > int fd; 236,250c234,235 < if (flist = fopen("/etc/tftp.perm","r")) { < while (fgets(s,1000,flist)) { < if (!strncmp(s,filename,strlen(s)-1)) { < deflist++; < break; < } < } < fclose(flist); < if (!deflist) return(EACCESS); < } else if ((strncmp(filename, "/tftpboot", strlen("/tftpboot")) && < strncmp(filename,"/usr/local/tftpboot", < strlen("/usr/local/tftpboot")))) { < return(EACCESS); < } < --- > if (*filename != '/') > return (EACCESS);