Does fixing security faults in telnetd simply encourage people to use it? IOW, would deliberately _not_ fixing them be a better strategy? I suppose that argument could extend to: would it be good to _introduce_ security bugs to telnet, overtly?

@pndc I wouldn’t describe a vulnerability as a back door unless it was not well known or deliberately obscured. I do feel the plain text nature of telnetd is a fault, yes, but I appreciate others may not. There are other decision decisions I also feel are faults (e.g. accepting the client’s ENV). Also, it’s de-facto unmaintained.

@pndc yes. To be clear that was an extrapolation of my argument to not fix known issues; I don’t feel it should be done!