From 1f9c54ba2f02cc75c99ce28770d2aaf6695921c4 Mon Sep 17 00:00:00 2001
From: hpa <hpa>
Date: Mon, 19 Nov 2001 21:25:51 +0000
Subject: [PATCH] More notes on security.

---
 tftpd/tftpd.8.in | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tftpd/tftpd.8.in b/tftpd/tftpd.8.in
index ccd7263..d03c148 100644
--- a/tftpd/tftpd.8.in
+++ b/tftpd/tftpd.8.in
@@ -283,7 +283,10 @@ and rely on firewalling or kernel-based packet filters instead.
 The server should be set to run as the user with the lowest possible
 privilege; please see the
 .B \-u
-flag.
+flag.  It is probably a good idea to set up a specific user account for
+.BR tftpd ,
+rather than letting it run as "nobody", to guard against privilege
+leaks between applications.
 .PP
 Access to files can, and should, be restricted by invoking
 .B tftpd