Bugtraq mailing list archives

Reflections on Trusting Trust [was: Re: Solaris telnet ...]

From: Gadi Evron <ge () linuxbox org>
Date: Thu, 15 Feb 2007 19:19:18 -0600 (CST)

On Thu, 15 Feb 2007, Darren Reed wrote:

How about putting a backdoor into your C compiler such that it
generates "special code" when it recognises it is compiling
/bin/login that allows special access?


Once every 2 years or so I have the chance of mailing in a reference to
the best security paper ever written (or one of the..). It is not just
about compilers, but about the most basic concept in security.

Reflections on Trusting Trust - Ken Thompson
http://www.acm.org/classics/sep95/

        Gadi.

Current thread:

RE: Solaris telnet vulnberability - how many on your network?, (continued)
- - - RE: Solaris telnet vulnberability - how many on your network? Michal Zalewski (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 14)
    - Re: Solaris telnet vulnberability - how many on your network? Damien Miller (Feb 14)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 15)
    - Re[2]: Solaris telnet vulnberability - how many on your network? Thierry Zoller (Feb 14)
    - RE: Re[2]: Solaris telnet vulnberability - how many on your network? Roger A. Grimes (Feb 14)
    - RE: Re[2]: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 15)
    - Re: Re[2]: Solaris telnet vulnberability - how many on your network? Darren Reed (Feb 15)
    - RE: Re[2]: Solaris telnet vulnberability - how many on your network? Evans, Thomas (Feb 15)
    - Reflections on Trusting Trust [was: Re: Solaris telnet ...] Gadi Evron (Feb 16)
    - Re: Solaris telnet vulnberability - how many on your network? georg . oppenberg (Feb 13)
  - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Joe Shamblin (Feb 14)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 14)
    - RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network? David Taylor (Feb 14)

(Thread continues...)