From HP-UX 11.31 Security Technical Implementation Guide
Part of GEN005080
Associated with IA controls: ECSC-1
Associated with: CCI-000366
Secure mode limits TFTP requests to a specific directory. If TFTP is not running in secure mode, it may be able to write to any file or directory and may seriously impair system integrity, confidentiality, and availability.
Determine if the TFTP daemon is installed, started, and running in secure mode. # cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" | cut -f 6,7 -d " " | grep -i tftp If the tftpd process is not configured with exactly one path argument (example: "/usr/lbin/tftpd tftpd"), this is a finding.
Edit /etc/inetd.conf and add one path argument, representing the TFTP root directory, to the tftpd command.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer