Date: Wed, 10 Jan 2001 20:28:13 -0600
From: "Donald J. Maddox"
Reply-To: dmaddox@sc.rr.com
To: Trevor Johnson
Cc: Jason DiCioccio, security@freebsd.org, Berend de Boer
Subject: Re: CERT advisory: "Interbase Server Contains Compiled-in Back Door Account"

The advisory states quite clearly that the backdoor was not the work of
evildoers from outside, but rather came from developers within Borland.

Trevor Johnson wrote:
>
> > Can any users of this package confirm if they actually knew about
> > this backdoor account? I don't see how a backdoor account accidentally
> > makes its way into a database package like this. If this was
> > undocumented/unknown, I would have to assume it might have been
> > intentional from someone working on the project perhaps? I do not
> > use this database package, so I can't accuse anyone or any company of
> > this, but it's hard to imagine a 'backdoor account' making its way
> > in the source otherwise. I guess we'll have to wait for a Borland
> > advisory.
>
> Hi, Jason. I'm not sure what you mean: that we should assume
> everything's fine and do nothing unless Borland also says there's a
> problem, or that you will just be curious about the origin of the problem
> until they explain it.
>
> FWIW the problem is also described at http://www.interbase2000.com/ (which
> apparently does not belong to Borland).
>
> The backdoor is not documented in the pkg-descr file for the port. If the
> port is not fixed or forbidden, and it has the backdoor, the fact should
> at least be documented there.
> --
> Trevor Johnson
> http://jpj.net/~trevor/gpgkey.txt
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message