The TFTP server delivers files to any requester without user authentication. It should be configured to limit the files it attempts to access. All file access is done under its own user identity. Clients can get files that are publicly readable and have security labels that the TFTP server dominates. Clients can put existing files that are publicly writable and have a security label that dominates the TFTP server's security label.
In a CINET environment, you should establish stack affinity to the intended server stack prior to starting each instance of TFTP.