I'm trying to grasp a better understanding of Thompson's Trojan Compiler (discussed in his 1984 ACM Turing Award speech "Reflections On Trusting Trust"), and so far this is how I understand it:
"The original login program for Unix would accept whatever login and password the root instructed it to. It would only accept a certain password, known only by the man who wrote the system. This could let him log in to the system as root."
Is this the right concept? I'm not 100% sure if I understand the whole concept.
If someone could make it clearer, it would help.
(See also Bruce Schneier Countering "Trusting Trust")