[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TFTP permissions

On Wed, 2002-07-31 at 13:57, Charles Menzes wrote:
> All,
> A short while back, I wrote a perl script that automates sending and 
> receiving configuration files for routers through TFTP. The majority of 
> the questions I've received from people deal with how to set up their TFTP 
> server correctly. So, I've taken some time to try and write up a brief 
> HOWTO on the matter. 


> In my trail and error with using the in.tftpd option flags, I see that I 
> am able to specify a username that will act on behalf of the process for 
> reading and writing files. Nonetheless, files written to the server have 
> rw-rw-rw- permissions. I would have expected something more along the 
> lines of 644. 

That setting is likely reflective of the security of TFTP in general

> I've looked through the tftpd man page and glanced over rfc2347 and I dont 
> see any way of changing the umask used when files are written. Is anyone 
> aware of a method to accomplish this?

You might be able to set inetd's umask for this purpose.  Put a "umask
022" in /etc/[rc.d/]init.d/inetd and see if that helps.

If it doesn't, then it's likely that tftpd and/or inetd play with the
umask directly.  In that case, you're probably not going to be able to
change it without editing the source.

To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.