Unix has a special attribute that some programs have set called the 'suid' bit. When you run a program with the suid bit set the kernel runs the program as the owner of the program rather than as you, the person running it. This means that when it is running the program has access to all of it's owners files and privileges.
It's probably simpler to explain this by example.
[stephen@benji stephen]$ ls -l /usr/bin/passwd -r-s--x--x 1 root root 10704 Apr 14 1999 /usr/bin/passwd
The `passwd' program has to be able to update the /etc/passwd and /etc/shadow files so it must run as root to do this. This is achieved because it's owner is root and it has the suid bit set (the `s' in the 4th character of the output of ls). We run passwd as our user, but the kernel automatically makes it run as root. This means that if we can find an exploit in passwd then we have found a way of elevating our privileges to those of root.
In a similar way to services we ought to be carefull about the number of pointless suid binaries we have on our system, although you have to be somewhat more carefull about removing them than services .. some of them are more-or-less essential for the system to function properly.
You can list all the suid binaries on your system with
for i in `find / -perm +6000 -type f`; do ls -aFl $i >> suids; done
(You might want to examine -prune or -xdev if you happen to have an NFS mount of sunsite before you run the above)
When you've done that delete any that are called 'suidperl' or 'sperl-xxx'.