
What do you call something that grants root access without authentication, but wasn't intended to let arbitrary people or programs use it?

"Backdoor" isn't quite right, since that implies that the intent was to allow unauthorized use.

"Security vulnerability" isn't quite right either, since that usually implies getting code to exhibit some sort of behavior it was never supposed to have.

I can't think of any other term. Of the two, "backdoor" seems closer. Maybe "unintentional backdoor"?




> What do you call something that grants root access without authentication, but wasn't intended to let arbitrary people or programs use it?

Local privilege escalation. In a huge number of established LPEs, the exploit is by leveraging a weakness in checking who makes the call that allows legitimate privilege escalation. This is a legitimate privilege escalation (sshd binds to port 22, among other tasks), that can be exploited through a weakness in checking who is making that request and if they can have that granted.


Unintentional backdoor is better, wouldn't be my choice though.

To me the term backdoor implies malevolence and a purposeful decision to allow you to remotely access someone's system without their permission later.


This seems more like a mistake, although a pretty big one. It seems like it was designed as a small escape hatch to make some of Apple's scripts cleaner, but it wasn't locked down to the degree that it should've been.

It's a big security hole, but I'm not sure backdoor fits.



There is no jargon for "obscure, deliberately implemented security hole which supports system functionality", because nobody does that.

(For values of 'nobody' which are not members of a set that includes such as Apple, obviously.)

Jargon and slang are needed for shortening the names of everyday things that people do, use or encounter.

If Apple has started a trend, we might need a new term, like "root kludge". A deliberate solution with negative attributes is a kludge (that much we have slang for, because we encounter such things with reasonable frequency). This type of kludge gets us root. So ...

Wait, if Apple starts a trend with this, then it will be cool, and have some name that begins with 'i'.

How about "iHole".

"An iHole was discovered in my wi-fi router's firmware".

Hmmm ...



