Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-lcc!mordor!styx!ames!ucbcad!ucbvax!WILBUR.ARPA!lekash
From: lekash@WILBUR.ARPA (John Lekashman)
Newsgroups: mod.protocols.tcp-ip
Subject: tftp and proteon gateways.
Message-ID: <8701231850.AA01924@wilbur.arpa>
Date: Fri, 23-Jan-87 13:50:56 EST
Article-I.D.: wilbur.8701231850.AA01924
Posted: Fri Jan 23 13:50:56 1987
Date-Received: Sat, 24-Jan-87 05:35:49 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 32
Approved: tcp-ip@sri-nic.arpa

We noted there was no directory protection from
tftp on 4.3BSD vaxes. (At least ours) so here are
a few lines of change in /usr/src/etc/tftpd/tftpd.c
If you only have a binary, I'll go put a copy of ours
in public ftp from orville.arpa.
					john

232,234c232
< 	int	fd,deflist = 0;
< 	FILE    *flist ;
< 	char    s[1000];
---
> 	int	fd;
236,250c234,235
< 	  if (flist = fopen("/etc/tftp.perm","r")) {
< 	    while (fgets(s,1000,flist)) {
< 	      if (!strncmp(s,filename,strlen(s)-1)) {
< 		deflist++;
< 		break;
< 	      }
< 	    }
< 	    fclose(flist);
< 	    if (!deflist) return(EACCESS);
< 	  } else if ((strncmp(filename, "/tftpboot", strlen("/tftpboot")) &&
< 		     strncmp(filename,"/usr/local/tftpboot",
< 			      strlen("/usr/local/tftpboot")))) {
< 	    return(EACCESS);
< 	  }
< 
---
> 	if (*filename != '/')
> 		return (EACCESS);