A very clever backdoor indeed. Good plausible deniability too, since this is such a common typo for C programmers, and one that isn’t even caught by syntax checkers, since it is still perfectly valid syntax. If they ever did track down who inserted it, they couldn’t prove that someone didn’t just “goof up” and forget the second equal sign.
Yes, it's actually a C idiom. E.g., to process the contents of a file:
while (bytes_read = read(buffer)) { // Work with buffer } // ... Dropped out of read loop because zero bytes were read
Commonly used compilers can be set to warn when the above is used, requiring it to be changed to:
while ((bytes_read = read(buffer)) != 0) { // Work with buffer } // ... Dropped out of read loop because zero bytes were read
to avoid the warning. Of course, the assignment still takes place whether the target is bytes_read or current->uid.
Many programming languages have since changed Boolean and equality checks to utilize linguistic code in addition to old-school code.
A good example is Microsoft’s Powershell or VBscript where one can use equality identifiers such as “-eq” or “-lt/-gt” (less-than/greater-than) in addition to the conventional syntax.
I’ve taken a liking to -eq or even -like for a more loose check.
This article, by the way, continues to bolster the open source movement as a much better, safer alternative to closed-source operating systems like Windows and OSX. Huzzah for community acceptance!