Trojan Horse

Tags: exploit

Malware that [see page 4, masquerades] as a friendly program, behaving as expected, but also performing some unexpected actions in the background.

The danger of Trojans is that their commonly [see page 5, executed] with the same permission as the user that invokes them... meaning an admin running a Trojan can give admin access to the Trojan.

Counter-protection

You can [see page 6, protect] against Trojan's by:

Scrutinising the program code and verify it has no Trojan behaviour.
Assume that Trojan horses are inevitable and try to limit the damage they can cause with TCB.

Links to this note

Discretionary Access Control
Rogue
Trusted Computer Base