Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The headline seems like a distinction without a difference. Bypassing ssh auth means getting a root shell. There is no significant difference between that and running system(). At most maybe system() has less logging.


> Bypassing ssh auth means getting a root shell

Only if you're allowed to login as root, which is definitely not the case everywhere.


My sense was this backdoor gets to execute whatever it wants using whatever "user" sshd is running as. So even if root logins are disabled, this backdoor doesn't care.


not only that, but logins show up in logs.


Plus, detection is likely to be be very different.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: