David Gwynne <da...@gwynne.id.au> wrote:
> On Sun, Oct 02, 2022 at 06:32:04PM +0000, Klemens Nanni wrote:
> > diskless(8) just needs tftpd(8) to deliver files, none of the possibly
> > untrusted clients are supposed to ever write anything.
> >
> > Either way, even when run without -c, a single file writable by _tftpd
> > might be enough for a malicious client to fill up the server's disk.
> >
> > A proper read-only mode ("stdio rpath dns inet") seems much safer.
>
> agreed. i'm ok with this diff, but it's worth asking if we can make the
> default read-only and ask people to opt in for write (and create) before
> this specific diff goes in. ie, read-only be default, '-w' to enable
> write mode, '-c' to enable write+create?
we were read-only believers a long time ago, and it seems the world has
caught up to our way of thinking so yes maybe it is time to make it an
option you must specify.
