This is an egregious kernel backdoor on the Orange Pi (just type “echo rootmydevice > /proc/sunxi_debug/sunxi_debug”) but the comments are great:
“this is very security-conscious code, evidenced by choice of strncmp over strcmp to avoid buffer overflow-based exploits”
“this egregious code is also inefficient, zeroing out cred->euid twice.”
“I like it when backdoors are fully GPL compliant.”
Originally shared by Jan Wildeboer
This is truly evil IMHO. Allwinner backdoor, baked right into the kernel. https://twitter.com/DaveManouchehri/status/729453383799738369
UPDATE Here some more info, including a list of distros that have this backdoor: http://forum.armbian.com/index.php/topic/1108-security-alert-for-allwinner-sun8i-h3a83th8/
https://twitter.com/DaveManouchehri/status/729453383799738369