Backdoor users on Linux with uid=0
On Unix/Linux users with a uid=0 are root. This means any security checks are bypassed for them.
An adversary might go ahead and create a new account, or set an existing account’s user identifier (uid) or group identifier to zero.
A simple way to do this is to update /etc/passwd of an account, or use usermod -u 0 -o mallory.
Let’s create a new user named mallory:
wuzzi@saturn:/$ sudo adduser mallory [.