I know my install of linux isn't exactly super-secure (mandrake 9.0 left in it's default state, pretty much), but the bootdisk would allow him to do what he wants (I just tried it and I'm typing this from linux before booting back to XP).
a) The bootdisk displays the text prompt and clearly states when any extra parameters can be entered.
b) After booting off the disk, I was able to log in as a user account. A bit of fiddling later and I found that while I couldn't access the init command from there, what I
could do was:
[matt@hf-hall-stud-233-233-208 matt]$ shutdown now
This dropped me to single user mode and gave me root access in the process.
The exit command got me back to runlevel 5.
I don't know if this is just mandrake being insecure, but its a start.