(view this code in a separate window)

/*
 * suidshell.c
 *
 * Minimalistic program that, when suid root
 * can run /bin/bash as root.  (/bin/bash
 * normally drops privs if uid != euid.)
 */

#include <stdio.h>

main() {
	setuid(getuid());
	system("/bin/sh");
}