Per-user rc.local files a bad idea?

Question

I was thinking about running commands at system start as a regular user. Currently, to do so, I use a syntax like this:

su -c 'command with some arguments' user

But I was thinking that it might be beneficial to have a per-user rc.local file at ~/.rc.local that would automatically get run as the user at startup. The code I came up for it is like this:

awk -F":" '{ if ($3 >= 1000) print $1, $6 }' /etc/passwd | while read u h
do 
  [ -x "$h/.rc.local" ] && su -c "cd $h; ./.rc.local" $u
done

This would be added to /etc/rc.local. It searches the home directory of every non-system user (i.e., a uid >= 1000), and if the file exists, and is executable, it cd's to the users home directory and executes that script as the user.

To me, this seems to eliminate any source of security risk, since it would be executing the script as the user, rather than root, but I've recently been reminded of my lack of security knowledge, so I present this question: is this a bad idea?

Right now, I'd only be running this on my home computer, and my home computer only has one non-system user. A few years down the road, my daughter my get her own account on the computer, but besides that, it's not like complete strangers will have access to this in any way.

So, is there any potential security hole that I'm overlooking? Also, is there a more elegant way to write that command?

Answer 1

This overlaps with the @reboot capability of per-user crontabs.