Bug#3008: Telnetd sets wrong USER (funny side effects)
Peter Tobias writes ("Bug#3008: Telnetd sets wrong USER (funny side effects)"):
> IMHO there is not much I can do. The "autologin" feature (-a and -l)
> works like this ("user" is set by the -a or -l option):
> As you can see it simply takes the user name and exports it if
> using autologin. At this point "telnet" doesn't know if USER
> is set correctly.
> /bin/login doesn't modify USER.
> IMHO the only solution to the problem would be to add a
> setenv("USER", pwd->pw_name, 1);
> to the login program. The source already sets USER like this on
> non linux platforms.
Surely if login doesn't set USER it should at least squash it so that
it doesn't have a bogus value ?
> PS: If there are no objections I'll reassign the bug to the
> login package.
I think you should.