, SecurityFocus 2003-11-06
Software developers on Wednesday detected and thwarted a hacker's scheme to submerge a slick backdoor in the next version of the Linux kernel, but security experts say the abortive caper proves that extremely subtle source code tampering is more than just the stuff of paranoid speculation.
Anonymous
1. Better check all that code that runs with escalated privileges. (UNIX setuid programs, login programs etc, programs for Windows that bump privileges).
2. This classic C error is caught by static checkers like lint.
3. In Peter van der Linden's "Expert C Programming"...
[ more ]