> 	user[] shouldbe truncated to MAXLOGNAME to keep
> setlogin() happy, and I've incorporated that into a new patch
> below.  I've also forced user[] to be null terminated after
> leaving readline(), in case someone attempts a buffer overflow
> by sending more than 64 characters (sizeof user).

> ! 	/* force a trailing NULL*/
> ! 	user[sizeof user] = '\0';

I do not have the code in front of me but I would be more comfortable
with the statement

user[sizeof(user) - 1] = '\0';

which avoids an array overflow by 1

	Taras Ivanenko.