From 41f70b941243373dc2fc8fdb5e760c867779dc8f Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Tue, 1 Dec 2015 07:32:20 +0000
Subject: switch to new _tftp_proxy user; ok dlg

---
 usr.sbin/tftp-proxy/tftp-proxy.8 | 11 ++---------
 usr.sbin/tftp-proxy/tftp-proxy.c |  4 ++--
 2 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/usr.sbin/tftp-proxy/tftp-proxy.8 b/usr.sbin/tftp-proxy/tftp-proxy.8
index 5fc83c289c5..4656098d65f 100644
--- a/usr.sbin/tftp-proxy/tftp-proxy.8
+++ b/usr.sbin/tftp-proxy/tftp-proxy.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: tftp-proxy.8,v 1.5 2013/12/23 13:07:47 florian Exp $
+.\"	$OpenBSD: tftp-proxy.8,v 1.6 2015/12/01 07:32:20 deraadt Exp $
 .\"
 .\" Copyright (c) 2005 joshua stein <jcs@openbsd.org>
 .\"
@@ -25,7 +25,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 23 2013 $
+.Dd $Mdocdate: December 1 2015 $
 .Dt TFTP-PROXY 8
 .Os
 .Sh NAME
@@ -136,10 +136,3 @@ pass out quick on $ext_if inet proto udp from $lan to port tftp \e
 .Xr ftp-proxy 8 ,
 .Xr syslogd 8 ,
 .Xr tftpd 8
-.Sh CAVEATS
-.Nm
-chroots to
-.Pa /var/empty
-and changes to user
-.Dq proxy
-to drop privileges.
diff --git a/usr.sbin/tftp-proxy/tftp-proxy.c b/usr.sbin/tftp-proxy/tftp-proxy.c
index aa8b311dfb9..30fea627d98 100644
--- a/usr.sbin/tftp-proxy/tftp-proxy.c
+++ b/usr.sbin/tftp-proxy/tftp-proxy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tftp-proxy.c,v 1.15 2015/11/14 04:02:32 deraadt Exp $
+/* $OpenBSD: tftp-proxy.c,v 1.16 2015/12/01 07:32:20 deraadt Exp $
  *
  * Copyright (c) 2005 DLS Internet Services
  * Copyright (c) 2004, 2005 Camiel Dobbelaar, <cd@sentia.nl>
@@ -52,7 +52,7 @@
 #include "filter.h"
 
 #define CHROOT_DIR	"/var/empty"
-#define NOPRIV_USER	"proxy"
+#define NOPRIV_USER	"_tftp_proxy"
 
 #define DEFTRANSWAIT	2
 #define NTOP_BUFS	4
-- 
cgit v1.2.3-59-g8ed1b