There are many ways a program can fail and many ways to turn the underlying faults into security failures. When a user writes a program, there is a possibility that it can be misused by some other user and lead to an unexpected behavior. The two most common methods by which such behavior may occur are Trojan horses and trap doors.
Trojan Horse
One of the most serious threats to computer security is Trojan horse attack. A Trojan horse is a nasty program to break security that is hidden as something harmless such as a screen saver or game. The Trojan -horse problem is exacerbated by long search paths. The search path lists the set of directories to search when an ambiguous program name is given. The path is searched for a file of that name and the file is executed.
One can end such program by ending the interactive session with a sequence of key pressing such as control-alt-delete combination in Windows 95/98/NT systems.
Trap Door
A trap door is basically a program where the programmer might illegally or legally write the code to avoid normal security procedures for specific user. The designer of a program might leave a hole in the software that only the designer is capable of using.
A clever trap door can be included in a compiler. The compiler could generate standard object code as well as a trap door, regardless of the source code being compiled.
No comments:
Post a Comment