It's possible to manipulate system settings with root permissions while message is displayed during user logon.
vulners.com/securityvulns/securityvulns:doc:17243