The linux desktop default limited accounts do not provide as much security as advertised (in most if not all linux distributions, although not all distributions use sudo).
Any linux command can be hijacked by changing the current user path (tested only in Ubuntu). As a result of this a call to sudo /usr/sbin/synaptic can be redirected by a malicious application to sudo ~/.trojan_launcher.
See for details.

I think that is a good opportunity to also discuss how useful the default user account security limitations really are for the average linux desktop user.
Do you fell safer not running as root on your music, pictures, internet PC? Why?