@TheEvilSkeleton The claim about security is flat out wrong.
File system access *is* full access.
If you can write to the file system, you can write a script, mark it executable, and tweak ~/.profile etc to run it on startup. This doesn't even require being able to mark a file executable, because you can simply add e.g. 'python malicious.py' to the end of the login script.