Starting in version 0.27, tftp-hpa has the option of a "use Unix permissions" mode. In this mode, tftpd can access any file accessible by the tftpd effective user, specified via the -u option. This means that files no longer need to be set to o+r or o+w. If file creation is enabled (via the -c option), the -p option also changes the default umask from 0 (anyone can read or write) to "unchanged" (inherited from the calling process.) The -U option can be used to override the default umask; this is recommended. The sanest setup, from a security standpoint, for tftpd to run in is probably the following: 1. Create a separate "tftpd" user and group only used for tftpd; 2. Have all your boot files in a single directory tree (usually called /tftpboot). 3. Specify "-p -u tftpd -s /tftpboot" on the tftpd command line; if you want clients to be able to create files use "-p -c -U 002 -u tftpd -s /tftpboot" (replace 002 with whatever umask is appropriate for your setup.) ======================================= Starting in version 0.17, tftp-hpa operates in genuine "wait" mode, which means that an in.tftpd process hangs around for some time after the last service request has arrived. This speeds up servicing a subsequent request, which apparently has been a problem in the past, resulting in "request storms" as the client keeps retrying, resulting in multiple connections on the server which the client has already abandoned. This also means that spawning tftp via tcpd is useless (in fact, this indirection seems to be part of the reason for these "request storms.") Instead, tftp-hpa supports calling the tcpwrapper library directly. Thus, if your /etc/inetd.conf looks like this (all on one line): tftp dgram udp wait root /usr/sbin/tcpd /usr/sbin/in.tftpd -s /tftpboot -r blksize ... it's better to change to ... tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot -r blksize You should make sure that you are using "wait" option in tftpd; you also need to have tftpd spawned as root in order for chroot (-s) to work. tftpd automatically drops privilege and changes user ID to "nobody" by default; the appropriate user ID for tftpd can be specified with the -u option (e.g. "-u tftpuser"). If you are running a busy boot server, I would suggest to instead use kernel-based firewalling rules, and to compile tftpd without tcpwrapper support, in order to provide significantly better performance. To do so, specify the --without-tcpwrappers option to configure when compiling; see the INSTALL.tftp file for more information.