Why shouldn't I leave "root" permanently logged on the console?

Using a 'smart' terminal as console and leaving "/dev/console" world writable whilst "root" is logged in is a potential hole. The terminal may be vulnerable to remote control via escape sequences, and can be used to 'type' things into the root shell. The terminal type can usually be obtained via the "ps" command.

Various solutions to this can be devised, usually by giving the console owner and group-write access only, and then using the setgid mechanism on any program which has need to output to the console (eg: "write").