Right, but that would be a backdoor in that particular implementation. If you implement RSA yourself, you're safe from backdoors. (With the usual caveats about compilers, operating system and hardware.) The insidious thing about cryptographic backdoors is that they're embedded in the specification itself. Any conforming implementation will be vulnerable.