> I am a little confused, when I telnet into the 2.05 am I running as
> root, because I didn't need to type in a password.
You wouldn't be able to enter the password because noone (I know) has
knowledge about the password. This is why you automatically get logged
in as the user the webserver is running in (which fortunately is root)
> If so how do I add a password so that the device is not left wide
Telnet is an unsafe protocol, you could try to replace "/bin/bash" in
the s05telnet script with /sbin/init, this could give you a logon prompt
> Also is there then a way I can enable/disable the daemon at will so I
> don't leave open a security hole?
I think it should be easier to only use the telnet daemon once to get
access to the Linkstation and then disable it and install ssh.
If you only want to have telnet running from time to time you could
install the exec.pl trick which is also described in the hacking howto
and then delete s05telnet.