I think I understand your question.
After reading your link, it would appear that an exploit
would be trivial.
In order for the command in the sample to run the ssh
host has to have passwordless ssh setup. The procedure
is to create and share id keys, then change the default
configuration files to allow authentication without passwords.
As far as security of a system.
Anyone that has local access (able to physically touch the computer)
the game is basically over. All someone would need to do is to remove
the hard drive and place it in another system that can read the file system.
Then all files can be accessed. There is a little exception if your use whole
disk encryption and the system is not running.
Remote attacks involve more work to exploit a computer.
No system is secure. You need to weigh the benefits of trouble to the
user vs trouble logging in.
I hope some light was shed on the subject.