It looks like all of the problems come up in scripting languages. Maybe the compilers are a problem. There should be nothing giving out root to various programs without express permission from the administrator of the machine. It is startling to see that this has been a problem in Ubuntu for 10 years! They are pretty alert to security problems and fix them right away. Makes me wonder about backdoors, now!