Local users get to play root?

[Richard Hughes]

2009/11/18 nodata <lsof at nodata.co.uk>:
> You install software with a known buffer overflow before it is fixed and
> exploit it. More software = more chances to exploit. Bingo!

Why would the additional package start extra services? I thought there
were guidelines about that. Anyway, if the user has physical access to
the machine, there are many quicker ways to root the box in question.
(Like rebooting, and using grub to go to runlevel 1)

Richard.