mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file.
https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807
http://www.vupen.com/english/advisories/2010/2342