If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode.
An XCCDF Rule
Description
Restricting TFTP to a specific directory prevents remote users from copying, transferring, or overwriting system files.
- ID
- SV-230557r1017319_rule
- Version
- RHEL-08-040350
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the TFTP daemon to operate in secure mode by adding the following line to "/etc/xinetd.d/tftp" (or modify the line to have the required value):
server_args = -s /var/lib/tftpboot