Bug#3008: Telnetd sets wrong USER (funny side effects)

To: debian-bugs@pixar.com
Cc: tobias@et-inf.fho-emden.de, dth@cistron.nl
Subject: Bug#3008: Telnetd sets wrong USER (funny side effects)
From: Miquel van Smoorenburg <miquels@cistron.nl>
Date: Thu, 16 May 1996 00:23:53 +0200 (MET DST)
Message-id: <[🔎] 199605152223.AAA09069@picard.cistron.nl>
Reply-to: Miquel van Smoorenburg <miquels@cistron.nl>, debian-bugs@pixar.com

Package: netstd
Version: 2.03-1

Telnetd sets the USER environment variable to the first given loginname,
even if it is incorrect. Some programs then use this USER as the
username, for example tin in outgoing postings. This is undesireable.

One of our customers is root on another system. He usually logs in to
our system with telnet (as root on his system). He uses Solaris, and
Solaris tries an auto-login with telnet (just like "telnet -l user system").
Ofcourse the root-login attempt fails and he then logs in under his own name.

However at this point the USER variable is set to "root". This person
posted some very dubious articles in even more dubious newsgroups
and the From: header said "root@cistron.nl". Euh....

Mike.
--
  Miquel van    | Cistron Internet Services   --    Alphen aan den Rijn.
  Smoorenburg,  | mailto:info@cistron.nl          http://www.cistron.nl/
miquels@het.net | Tel: +31-172-419445 (Voice) 430979 (Fax) 442580 (Data)

Reply to:

Follow-Ups:
- Bug#3008: Telnetd sets wrong USER (funny side effects)
  - From: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>

Prev by Date: Known problems with dpkg 1.2.0
Next by Date: Kernel-image pre rm scripts (wasRe: Inclusion of kernel version ...)
Previous by thread: Known problems with dpkg 1.2.0
Next by thread: Bug#3008: Telnetd sets wrong USER (funny side effects)
Index(es):
- Date
- Thread