A backdoor account is an account that has root privileges. If
installed by a hacker, that's obviously a bad thing. Such an
account isn't necessarily going to be obvious:
but sometimes sysadmins install their own backdoor for less nefarious purposes; to protect against an accidental root password change or to make certain tasks easier.
I'm of mixed mind on having this for protective purposes. Yes,
root passwords can be accidentally changed, and that can be a major annoyance
to fix (/Linux/lostlinuxpassword.html, /Unixart/lost_root_password.html). But if the backdoor account has an "easy" password, you've just
decreased security. If this is going to be done, I'd suggest making
a difficult password, sealing it in an envelope, and planning never
to use this account unless loss of root made it necessary.
Got something to add? Send me email.
More Articles by Tony Lawrence © 2012-07-16 Tony Lawrence