back door
From Jargon File (4.4.4, 14 Aug 2003):
back door
n.
[common] A hole in the security of a system deliberately left in place
by designers or maintainers. The motivation for such holes is not
always sinister; some operating systems, for example, come out of the
box with privileged accounts intended for use by field service
technicians or the vendor's maintenance programmers. Syn. {trap door};
may also be called a wormhole. See also {iron box}, {cracker}, {worm},
{logic bomb}.
Historically, back doors have often lurked in systems longer than
anyone expected or planned, and a few have become widely known. Ken
Thompson's 1983 Turing Award lecture to the ACM admitted the existence
of a back door in early Unix versions that may have qualified as the
most fiendishly clever security hack of all time. In this scheme, the
C compiler contained code that would recognize when the login command
was being recompiled and insert some code recognizing a password
chosen by Thompson, giving him entry to the system whether or not an
account had been created for him.
Normally such a back door could be removed by removing it from the
source code for the compiler and recompiling the compiler. But to
recompile the compiler, you have to use the compiler -- so Thompson
also arranged that the compiler would recognize when it was compiling
a version of itself, and insert into the recompiled compiler the code
to insert into the recompiled login the code to allow Thompson entry
-- and, of course, the code to recognize itself and do the whole thing
again the next time around! And having done this once, he was then
able to recompile the compiler from the original sources; the hack
perpetuated itself invisibly, leaving the back door in place and
active but with no trace in the sources.
The Turing lecture that reported this truly moby hack was later
published as "Reflections on Trusting Trust", Communications of the
ACM 27, 8 (August 1984), pp. 761--763 (text available at
http://www.acm.org/classics/). Ken Thompson has since confirmed that
this hack was implemented and that the Trojan Horse code did appear in
the login binary of a Unix Support group machine. Ken says the crocked
compiler was never distributed. Your editor has heard two separate
reports that suggest that the crocked login did make it out of Bell
Labs, notably to BBN, and that it enabled at least one late-night
login across the network by someone using the login name "kt".
From The Free On-line Dictionary of Computing (8 July 2008):
back door
wormhole
<security> (Or "{trap door}", "{wormhole}"). A hole in the
security of a system deliberately left in place by designers
or maintainers. The motivation for such holes is not always
sinister; some {operating systems}, for example, come out of
the box with privileged accounts intended for use by field
service technicians or the vendor's maintenance programmers.
See also {iron box}, {cracker}, {worm}, {logic bomb}.
Historically, back doors have often lurked in systems longer
than anyone expected or planned, and a few have become widely
known. The infamous {RTM} worm of late 1988, for example,
used a back door in the {BSD} Unix "sendmail(8)" {utility}.
{Ken Thompson}'s 1983 Turing Award lecture to the {ACM}
revealed the existence of a back door in early {Unix} versions
that may have qualified as the most fiendishly clever security
hack of all time. The C compiler contained code that would
recognise when the "login" command was being recompiled and
insert some code recognizing a password chosen by Thompson,
giving him entry to the system whether or not an account had
been created for him.
Normally such a back door could be removed by removing it from
the source code for the compiler and recompiling the compiler.
But to recompile the compiler, you have to *use* the compiler
- so Thompson also arranged that the compiler would *recognise
when it was compiling a version of itself*, and insert into
the recompiled compiler the code to insert into the recompiled
"login" the code to allow Thompson entry - and, of course, the
code to recognise itself and do the whole thing again the next
time around! And having done this once, he was then able to
recompile the compiler from the original sources; the hack
perpetuated itself invisibly, leaving the back door in place
and active but with no trace in the sources.
The talk that revealed this truly moby hack was published as
["Reflections on Trusting Trust", "Communications of the ACM
27", 8 (August 1984), pp. 761--763].
[{Jargon File}]
(1995-04-25)
From Moby Thesaurus II by Grady Ward, 1.0:
105 Moby Thesaurus words for "back door":
French door, afterpart, afterpiece, archway, back, back road,
back seat, back side, back stairs, back street, back way,
backstairs, barway, behind, bolt-hole, breech, bulkhead, by-lane,
bypass, bypath, byroad, bystreet, byway, carriage entrance,
cellar door, cellarway, clandestine, covert, covert way, detour,
door, doorjamb, doorpost, doorway, escalier derobe, escape hatch,
escape route, feline, front door, furtive, gate, gatepost, gateway,
hatch, hatchway, heel, hidlings, hind end, hind part, hindhead,
hole-and-corner, hugger-mugger, lintel, occiput, porch, portal,
porte cochere, posterior, postern, privy, propylaeum, pylon, quiet,
rear, rear end, rearward, reverse, roundabout way, scuttle,
secret exit, secret passage, secret staircase, shifty, side door,
side road, side street, skulking, slinking, slinky, sly, sneaking,
sneaky, stealthy, stern, stile, storm door, surreptitious, tail,
tail end, tailpiece, threshold, tollgate, trap, trap door,
turnpike, turnstile, under-the-counter, under-the-table,
undercover, underground, underground railroad, underground route,
underhand, underhanded, unobtrusive