security

/run/lock is world-writable, so sandbox users could store files in this directory. Files in this directory would persist until the server is rebooted.
A submitted program can write the test data for "hidden cases" - which should not be visible to the user - to /run/lock
The program can then read and display the contents of written files and revealing the test data for these hidden cases