As posted at Launchpad, Ubuntu Linux 5.10 has a security hole that might local users allow to gain root privileges using sudo. The password for the first user created during installation (who has sudo-priviliges by default) is stored in a plain-text file.
To protect your machine of getting hijacked by a local user you have two possibilites:
- change your password
- type sudo rm /var/log/installer/cdebconf/questions.dat on a command shell to delete the logfile
This problem is said to be fixed in Dapper (the next release of Ubuntu Linux) but there must a solution to fix this hole on all Breezy installation as this file will propably not be deleted on an upgrade to Dapper.