For users on systems where lynx is the login shell or somehow the only program allowed to run, the user can obtain a shell by simply "clicking" a link that looks like this: foo. Running hostile code is also easy with this feature: foo. The login shell (or something similiar) for eviluser@evilhost.foo prints out a few commands to run on the victim.