case for a live image, and that if you were doing that, you'd probably know you should set a root password. Why would you do that, btw?
I'm trying to think outside of the box, and sometimes I'm having difficulty doing so because for most of the scenarios I'm thinking of, most people doing so would also know to set a root password. But along the lines of playing devil's advocate:
You're using the liveCD to do some system rescue work for a friend, and enable desktop control by an external source, say to work in tandem with someone else. Perhaps you even get an SSH server going. The system in question has valuable, at least to the owner, files on it. You have a direct internet connection and no router to "protect you behind a NAT", and your partner is at another location. A bot sniffs the IP and bang, gets in either by SSH root login, or VNC's into the desktop and starts up a terminal.
Of course it would be irresponsible of you to not have set up a root password in advance, given that you're supposed to be the expert in system recovery and at least some system security, but ...
And then there's the newbie who just "wants to try it out" without harming their Windows setup, and sees the settings for "let others control the desktop", thinking "ooooh, what does this do?" Click!