Any local user (including web Guests) can perform some administration tasks.
vulners.com/securityvulns/securityvulns:doc:2803