Re: What backdoor?
So firstly my request was for El Reg to provide the details, they tend to summarise the technical information brilliantly.
Secondly, the linked blog - which I think is what you're referring to - only describes how RJ achieves persistence once it's running.
So, if you can run code on a machine, you can often compromise it - yep, pretty well known. My question is, how does it get to execute if it's not an exploit, so how does it create those files?
I think the answer is that it doesn't? It's therefore a payload that has to be used in conjunction with a runtime exploit?
An interesting payload, sure, but not sure it warrants the systemd bashing, as if you're already running as root then it doesn't matter if the machine has systemd anyway, you're trashed.