A backdoor account is an account that has root privileges. If
installed by a hacker, that's obviously a bad thing. Such an
account isn't necessarily going to be obvious:
but sometimes sysadmins install their own backdoor for less nefarious purposes; to protect against an accidental root password change or to make certain tasks easier.
If done for the latter reason, this is definitely a bad idea. Such problems should be solved with sudo or setuid programs.
I'm of mixed mind on having this for protective purposes. Yes,
root passwords can be accidentally changed, and that can be a major annoyance
to fix (/Linux/lostlinuxpassword.html, /Unixart/lost_root_password.html). But if the backdoor account has an "easy" password, you've just
decreased security. If this is going to be done, I'd suggest making
a difficult password, sealing it in an envelope, and planning never
to use this account unless loss of root made it necessary.
Got something to add? Send me email.
More Articles by Tony Lawrence © 2012-07-16 Tony Lawrence
It is difficult to free fools from the chains they revere. (Voltaire)
Tue Feb 15 02:49:29 2005: 26 bruceg
Does anyone remember the movie WarGames? That was the first thing to enter my mind when I read this title. Still a great movie to this day. I think it was the first DVD I purchased. I usally will watch it once a year, and recommend that everyone see it at least once. Even my family members who are not very computer literate appreciate the concept of there being no winner in a global nuclear war. Let's hope some of our elected officials, and foriegn officials watch it.
(link)
--BruceGarlock
------------------------
Printer Friendly Version
Backdoor: Tech Words of the Day Copyright © February 2005 Tony Lawrence
Have you tried Searching this site?
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.
Contact us
Printer Friendly Version