How about also change login.c? This is easy to detect if somebody reads the code. Q: how to make it more difficult to detect?
Approach 2: Change compiler.c for login.c, and change login.c back to the normal. When the compiler compiles login.c, it automatically adds the Trojan horses to login binary.
What if somebody reads compiler.c? The Trojan horse in compiler.c can be detected. They can get another copy of compiler.c, and compile this new (and clean) compiler.c.
Approach 3: Change the complier.c, such that a Trojan horse will be added to the binary if compiler.c and login.c are compiled. After we get the binary of compiler, we change compiler.c back to the normal.
The Trojan horse is already built into the binary of compiler.
Unless somebody looks at the compiler binary, the Trojan horse is difficult to detect. None of the source files contain any Trojan horse; Trojan horses are added by the compiler.
To remove the Trojan horse, one has to change the compiler program.
Must be activated by being executed. There are various ways to get activated