home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.security.misc
- Path: sparky!uunet!infonode!ingr!b30news!craig!craig
- From: craig@jido.b30.ingr.com (Craig Presson)
- Subject: Re: early Trojan Horse
- In-Reply-To: keithf@Nimitz.mcs.kent.edu's message of Wed, 18 Nov 1992 20:27:10 GMT
- Message-ID: <1992Nov19.161306.9362@b30.ingr.com>
- Sender: usenet@b30.ingr.com (Usenet Feed)
- Reply-To: craig@jido.b30.ingr.com
- Organization: Intergraph Corporation, Huntsville, Alabama
- References: <1992Nov18.202710.9652@mcs.kent.edu>
- Date: Thu, 19 Nov 1992 16:13:06 GMT
- Lines: 28
-
- In article <1992Nov18.202710.9652@mcs.kent.edu> keithf@Nimitz.mcs.kent.edu (Keith Fuller) writes:
-
- I heard that early UNIX systems came with a Trojan Horse.
- As I remember, the C compiler would compile one of the utilities
- in a way that would give a knowledgable person entry into any UNIX
- system.
-
- Does anyone know anything about this?
-
- This is described in "Reflections on Trusting Trust", the ACM Turing
- Award lecture by Ken Thompson, which appeared in Communications of
- the ACM, Vol. 27 # 8, August 1984. This should be required reading for
- every CS student.
-
- Like some other people who are asking such questions,
- I am indeed writing a term paper on UNIX security.
-
- Look at:
- Farrow, _Unix System Security_, Addison-Wesley 1991
- Garfinkel and Spafford, _Practical Unix Security_, O'Reilly &
- Associates, 1991.
-
- Sufficient references in both to get you as deep into the literature
- as you have time for. If you want to make your paper stand out, you
- might want to actually implement some of the suggestions instead of
- just digesting and restating.
-
- -- Craig Presson
-
