Subject RE: [IB-Architect] Politically Correct Backdoor
Author Jeroen W. Pluimers (All I'M)
> Cert has published the vulnerability at

There is a typo in the CERT bulletin:

It turns out the LOCKSMITH is an entity needed to allow "authorized"
interaction with the security accounts database between services. This
LOCKSMITH is the user account in question complied into the code with
full-access to the security accounts database by default. The compiled-in
code can be found in the jrd/pwd.h header which defines the macros in

'complied' must become 'compiled'.

Jeroen W. Pluimers
All Information Management