But don't forget that what the kernel people call 'local' access really means any bug in any network application that lets you execute an arbitrary command even if it is non-root - and those have historically been pretty common.
sounds like local install of famous php scripting language...
-- Eero