Root access is the worst case indeed, but it's not a silver bullet if what you really want to protect is accessible by current user. I've seen my share of magical thinking banning root at all costs while in fact confidential data can be grabbed by an exploitable non-root user.

The hack seems already quite old now, I found this 3-years old post : http://it.toolbox.com/blogs/puramu/javascript-hack-to-display-your-browsing-history-12694 Proof of concept : http://ha.ckers.org/weird/CSS-history.cgi