crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.