[syslinux] PXE Error Reporting

Don Cupp doncuppjr at yahoo.com
Wed Jan 21 08:18:29 PST 2015


I'll play the security advocate....
So most of the people that implement tftp services have almost no idea how they work....and that's o.k.
They do, however, have a few fundamental beliefs that they expect to be true, and it is those beliefs that they use to make decisions when implementing a service and its data structures. If they are not true, then they are likely vulnerable to an attack.
One of the things that has been held true for tftp, by many for a long time, is that it is a 'black box'. There is no ls utility for tftp. You can't get the list of files on the server. You can only ask for a file, and if the file exists and is accessible, then it is retrieved. If you could simply ask for all kinds of files that you didn't have access to, but *might exist*, an attacker could map out the file-system that the tftp service has access to and may find another chink in the armor along the way.
I can't think of another way to directly exploit the difference between noent and no access, but if tftp is expected to be a "black box", then it should continue to behave like one.
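
Added example, not part of the original post and not Syslinux or any tftpd's own code: a sketch of the two server-side reply policies the message contrasts, using the ERROR packet layout and error codes 1 and 2 from RFC 1350. The function names and the logger name are hypothetical; the opaque policy keeps the real reason in the server log only.

```python
import errno
import logging
import struct

# RFC 1350 values: ERROR opcode and two of its error codes.
OP_ERROR, ERR_NOT_FOUND, ERR_ACCESS = 5, 1, 2

log = logging.getLogger("tftpd-example")  # hypothetical logger name


def error_packet(code: int, msg: str) -> bytes:
    """Encode a TFTP ERROR packet: opcode(2) | code(2) | message | NUL."""
    return struct.pack("!HH", OP_ERROR, code) + msg.encode("ascii") + b"\x00"


def parse_error(pkt: bytes):
    """Decode an ERROR packet into (code, message), as a client would see it."""
    opcode, code = struct.unpack("!HH", pkt[:4])
    if opcode != OP_ERROR or not pkt.endswith(b"\x00"):
        raise ValueError("not a well-formed TFTP ERROR packet")
    return code, pkt[4:-1].decode("ascii")


def reply_verbose(err: int) -> bytes:
    """Leaky policy: the wire reply mirrors the server-side errno."""
    if err in (errno.EACCES, errno.EPERM):
        return error_packet(ERR_ACCESS, "Access violation")
    return error_packet(ERR_NOT_FOUND, "File not found")


def reply_opaque(err: int, filename: str = "?") -> bytes:
    """Black-box policy: one reply for every failed read; detail stays in the log."""
    log.info("RRQ %r refused: %s", filename, errno.errorcode.get(err, err))
    return error_packet(ERR_NOT_FOUND, "File not found")


def leaks_existence(reply_fn) -> bool:
    """True if a client can tell 'missing' from 'present but unreadable'."""
    return reply_fn(errno.ENOENT) != reply_fn(errno.EACCES)


if __name__ == "__main__":
    for fn in (reply_verbose, reply_opaque):
        print(fn.__name__, parse_error(fn(errno.EACCES)), "leaks:", leaks_existence(fn))
```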

