Hmmm, a good point. It is trivial to forge this information and LOGNAME
implies that the variable is really the remote username.
Okay, so how about REMOTE_IDENT? Anyone object to that?
* Along those lines, it should probably be base64 encoded since
* it could be binary.
*/
Why? I see nothing in the RFC which implies that it could be binary, in
fact, the reply is specified to be terminated by a CR/LF pair. Is there
something I'm not reading correctly? Similarly, rfc931.c uses fgets to read
the server's reply which would probably be munged horribly by binary output
from the server.
--Rob