Bugtraq mailing list archives
Re: Backdoor Paper
From: dube0866 () EUROBRETAGNE FR (Nicolas Dubee)
Date: Sun, 27 Jul 1997 14:34:42 +0200
hello, you may want to add this "feature" that can act as a backdoor: when specifying a wrong uid/gid in the /etc/password file, most login(1) implementations will fail to detect the wrong uid/gid and atoi(3) will set uid/gid to 0, giving superuser privileges. example: rmartin:x:x50:50:R. Martin:/home/rmartin:/bin/tcsh on Linux boxes, this will give uid 0 to user rmartin. -plaguez dube0866 () eurobretagne fr
Date: Sat, 16 Aug 1997 19:07:58 -0400 From: Christopher Klaus <cklaus () ISS NET> Subject: Backdoor Paper Here's a paper I wrote on backdoors. Feedback welcome. Backdoors By Christopher Klaus 8/4/97
Current thread:
- Re: Backdoor Paper Nicolas Dubee (Jul 27)
- <Possible follow-ups>
- Backdoor Paper Christopher Klaus (Aug 16)
- Re: Backdoor Paper Evil Pete (Aug 25)
- Re: Backdoor Paper Darren Reed (Aug 25)