> a mountain of legacy and they are fine.

telnetd CVE-2026-24061. It's embarrassingly simple exploit but took years to be discovered.

> When telnetd invokes /usr/bin/login, it passes the USER value directly. If an attacker sets USER=-f root and connects using telnet -a or --login, the login process interprets -f root as a flag to bypass authentication, granting immediate root shell access.

"Fine"

Why does every Linux distro under the sun try so hard to protect the garbage under /usr/bin/ and /etc/ when literally the only files that matter to me are in /home, which is a free-for-all?

Unixes like Linux are not immune.