tftpd is designed to only be able to write to a file only when that file exists in the "tftpboot" directory and is writable by world. This is a necessary function of tftpd because there are devices that write log files over tftp, and removing that functionality will prevent these devices from functioning properly. net-ftp/netkit-tftp at r7 (per ChangeLog) introduced a patch tftpd-put-fixes.patch that makes the assumption that files MUST NOT exist in order for tftpd to write them. This behavior is incorrect, and breaks the above requirements. I am recommending that tftpd-put-fixes.patch be removed and original functionality be restored, or at the very least that it be enabled/disabled via a use flag. Please see the man page for in.tftpd (pertinent portion quoted below): Files may be written only if they already exist and are publicly writable. Note that this extends the concept of ``public'' to include all users on all hosts that can be reached through the network; this may not be appropriate on all systems, and its implications should be considered before enabling tftp service. The server should have the user ID with the lowest possible privilege.
I should probably add that there are two tftp server daemons on the system (one from netkit-tftp and the other from iputils). This bug report is actually in reference to /usr/sbin/in.tftpd that is provided by net-ftp/netkit-tftp. My apologies for not specifying this in my original report.
dropped
