Return to BSD News archive
Newsgroups: comp.os.386bsd.questions Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!agate!usenet.ins.cwru.edu!magnus.acs.ohio-state.edu!csn!csn!arrayb!cwolff From: cwolff@intellistor.com (Clint Wolff) Subject: Re: Challenge Message-ID: <1993Jul9.204659.1642@intellistor.com> Keywords: cron Organization: Intellistor, Longmont, CO References: <21hqc6$l1@Germany.EU.net> <21hurt$5ko@terminator.rs.itd.umich.edu> <21i0bh$nn@Germany.EU.net> Date: Fri, 9 Jul 93 20:46:59 GMT Lines: 25 In article <21i0bh$nn@Germany.EU.net> bs@Germany.EU.net (Bernard Steiner) writes: > >In article <21hurt$5ko@terminator.rs.itd.umich.edu>, pauls@terminator.rs.itd.umich.edu (Paul Southworth) writes: >|> Recommend you turn off tftp if you haven't already, unless you're booting >|> xterms. > >Why ? tftpd is supposed to run uid nobody chroot() to the tftpdirectory. > >Can't see how any harm can be done. > Take a quick look at your system, and see how many of your company proprietary files are in directories that are world read/execute... ALL of these files are accessible to tftp... This is bad... clint -- +-----------------------------------------------------------------------------+ | Clint Wolff Blonde and proud of it | | Fujitsu Computer Products of America - Intellistor Research and Development | | cwolff@slowboy.intellistor.com Ex-hacker... Now System Admininstrator | +-----------------------------------------------------------------------------+ | SAVE BANDWIDTH... EMAIL YOUR RESPONSES TO THE PERSON WHO ASKED... | | DON'T POST ME-TO MESSAGES... EMAIL THE ORIGINAL POSTER FOR A SUMMARY | +-----------------------------------------------------------------------------+