But even the anonymous user can to something like cat /dev/zero > /tmp/foobar
I don't know, if this matches your definition of "security issues" but it's an effective way to make the box unusable. A anonymous user has by default the same rights as "other users" if the anonymous user bit is not set. A utility for twiddling those bits will be added to coreutils quite soon... :)
