This is interesting way to get root privileges
Another way is to send to the kernel the parameter init=/bin/bash root=/dev/sda1
and then get root privileges without giving a password. If the malefactor have access to local machine, maybe only the encrypted partitions may help to save your data.
But for changing a content of rc.local needed root's privileges, and it's not a problem, and it is good.