A backdoor account is an account that has root privileges. If
installed by a hacker, that's obviously a bad thing. Such an
account isn't necessarily going to be obvious:
but sometimes sysadmins install their own backdoor for less nefarious purposes; to protect against an accidental root password change or to make certain tasks easier.
I'm of mixed mind on having this for protective purposes. Yes,
root passwords can be accidentally changed, and that can be a major annoyance
to fix (/Linux/lostlinuxpassword.html, /Unixart/lost_root_password.html). But if the backdoor account has an "easy" password, you've just
decreased security. If this is going to be done, I'd suggest making
a difficult password, sealing it in an envelope, and planning never
to use this account unless loss of root made it necessary.
Got something to add? Send me email.
(OLDER) <- More Stuff -> (NEWER) (NEWEST)
Printer Friendly Version
Increase ad revenue 50-250% with Ezoic
Inexpensive and informative Apple related e-books:
Take Control of Security for Mac Users
Take Control of OS X Server
Take Control of Pages
Take Control of Numbers
Take Control of the Mac Command Line with Terminal, Second Edition