- Operating Systems Basics
- Operating System (OS) Home
- Operating System Basics
- What is an Operating System
- History of Operating System
- Mainframe Operating System
- Server Operating System
- Multiprocessor Operating System
- Personal Computer OS
- Real-Time Operating System
- Embedded Operating System
- Smart Card Operating System
- OS Processors
- OS Memory
- OS System Calls
- Operating System Structure
- OS Processes and Threads
- OS Processes
- OS Process Model
- OS Process Creation
- OS Process Termination
- OS Process Hierarchies
- OS Process States
- OS Process Implementation
- OS Threads
- OS Thread Model
- OS Thread Implementation
- OS Pop-up Threads
- OS Interprocess Communication
- OS Scheduling
- OS Thread Scheduling
- OS Deadlocks
- OS Deadlocks
- OS Deadlock Resources
- OS Deadlock Conditions
- OS Deadlock Modelling
- OS Deadlock Detection
- OS Deadlock Recovery
- OS Deadlock Avoidance
- OS Deadlock Prevention
- OS Two-Phase Locking
- OS Memory Management
- OS Memory Management
- OS Monoprogramming
- OS Multiprogramming
- OS Relocation and Protection
- Memory Management with Bitmap
- Memory Management with Linked List
- OS Virtual Memory
- OS Page Replacement Algorithms
- OS Local vs Global Allocation Policie
- OS Load Control
- OS Page Size
- OS Separate Instruction & Data Space
- OS Shared Pages
- OS Cleaning Policies
- OS Virtual Memory Interface
- OS Implementation Issues
- OS Involvement with Paging
- OS Page Fault Handling
- OS Instruction Backup
- OS Locking Pages in Memory
- OS Backing Store
- OS Separation of Policy & Mechanism
- OS Segmentation
- Operating System Input/Output
- Operating System Input/Output
- OS Input/Output Devices
- OS Device Controllers
- OS Memory-Mapped Input/Output
- OS Direct Memory Access DMA
- OS Input/Output Software Goals
- OS Programmed Input/Output
- OS Interrupt-Driven Input/Output
- OS Input/Output using DMA
- OS Input/Output Software Layers
- OS Disks
- OS Disk Hardware
- OS Disk Formatting
- OS Stable Storage
- OS Clocks
- OS Character-Oriented Terminals
- OS RS-232 Terminal Hardware
- OS Graphical User Interfaces
- OS Network Terminals
- OS Power Management
- OS File Systems
- OS Files
- OS File Naming
- OS File Structure
- OS File Types
- OS File Access
- OS File Attributes
- OS File Operations
- OS Memory-Mapped Files
- OS Directories
- OS Single-Level Directory System
- OS Two-Level Directory System
- OS Hierarchical Directory System
- OS Path Names
- OS Directory Operations
- OS File System Implementation
- OS File System Layout
- OS Disk Space Management
- Multimedia Operating System
- Multimedia Operating System
- OS Multimedia Files
- OS Audio Encoding
- OS Video Encoding
- OS Video Compression
- OS Multimedia Process Scheduling
- OS Multimedia File System Paradigm
- OS File Placement
- OS Caching
- OS Disk Scheduling
- OS Multiple Processor System
- OS Multiprocessors
- OS Multiprocessor Hardware
- OS Multiprocessor Synchronization
- OS Multiprocessor Scheduling
- OS Multicomputers
- OS Multicomputer Hardware
- Low-Level Communication Software
- User-Level Communication Software
- OS Remote Procedure Call
- OS Distributed Shared Memory
- OS Multicomputer Scheduling
- OS Load Balancing
- OS Distributed System
- OS Network Hardware
- OS Network Services and Protocols
- OS Document-Based Middleware
- OS File System-Based Middleware
- OS Shared Object-Based Middleware
- Operating System Security
- Operating System Security
- OS Threats
- OS Intruders
- OS Accidental Data Loss
- Basics of Cryptography
- Secret-Key Cryptography
- Public-Key Cryptography
- OS Digital Signatures
- OS User Authentication
- OS Trojan Horses
- OS Login Spoofing
- OS Logic Bombs
- OS Trap Doors
- OS Viruses
- OS AntiViruses
- OS Internet Worms
- Give Online Test
- All Test List
- Operating System Test
OS Trap Doors
Trap door is another security hole caused by an insider.
Basically trap door is created by computer code that is inserted into the computer system by a system programmer just to bypass some normal check.
To understand about trap door, let's consider an example, a system programmer could add the computer code to the login program just to allow anyone to log in using the login name "codescracker", no matter here about what was in the password file.
The normal code in login program might look like the following code:
while(TRUE)
{
printf("Login ID: ");
get_string(login_id);
disable_echoing();
printf("Password: ");
get_string(login_password);
enable_echoing();
v = check_validity(login_id, login_password);
if(v)
break;
}
execute_shell(login_id);
Now, the trap door would be the change to the following code:
while(TRUE)
{
printf("Login ID: ");
get_string(login_id);
disable_echoing();
printf("Password: ");
get_string(login_password);
enable_echoing();
v = check_validity(login_id, login_password);
if(v || strcmp(login_id, "codescracker") == 0)
break;
}
execute_shell(login_id);
Here, in the above trap door code, the call to the function strcmp is just to check whether the login name is "codescracker" or not.
If the login name is codescracker, then the login attempt succeeds and if the login name is not codescracker, then the login attempt doesn't succeeds.
Here, it doesn't matter what password is typed.
Now, if this trap door code were inserted by a system programmer working for a computer manufacturer and then shipped with its computer, then the programmer could log into any computer system made by his/her company, no matter who the owner is and what was in the password file.
The trap door is used to bypass the whole authentication process.
« Previous Tutorial Next Tutorial »
Like/Share Us on Facebook 😋