APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

2005/02/14 Backdoor

A backdoor account is an account that has root privileges. If installed by a hacker, that's obviously a bad thing. Such an account isn't necessarily going to be obvious:

but sometimes sysadmins install their own backdoor for less nefarious purposes; to protect against an accidental root password change or to make certain tasks easier.

If done for the latter reason, this is definitely a bad idea. Such problems should be solved with sudo or setuid programs.

I'm of mixed mind on having this for protective purposes. Yes, root passwords can be accidentally changed, and that can be a major annoyance to fix (/Linux/lostlinuxpassword.html, /Unixart/lost_root_password.html). But if the backdoor account has an "easy" password, you've just decreased security. If this is going to be done, I'd suggest making a difficult password, sealing it in an envelope, and planning never to use this account unless loss of root made it necessary.

Got something to add? Send me email.

1 comment

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Tony Lawrence

Tue Feb 15 02:49:29 2005: 26   bruceg

Does anyone remember the movie WarGames? That was the first thing to enter my mind when I read this title. Still a great movie to this day. I think it was the first DVD I purchased. I usally will watch it once a year, and recommend that everyone see it at least once. Even my family members who are not very computer literate appreciate the concept of there being no winner in a global nuclear war. Let's hope some of our elected officials, and foriegn officials watch it.



Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us