If you're using ssh, you should be aware that someone has recently figured out that if you can write in someone's home directory, you can set up a key for them, so that you can log in as them. This means that if ssh is installed on your system, an ordinary user who can write in someone else's home directory can also run commands as that user. For details, see http://www.cs.hut.fi/ssh/ssh-archive/messages/960801-062205-21029 The same message includes a patch to work around the problem.