I use the WordPress.com Stats Plugin and highly recommend it to others who are interested in monitoring traffic to their WordPress blog.
One issue I have had with this otherwise excellent plugin is that only the ‘admin’ user is allowed to view the Blog Stats summary in the Dashboard. To me, this is akin to having to constantly log in as root on a UNIX system – it should not be necessary and presents a security risk to the blog (one forgotten logout on a shared terminal could spell disaster for the blog).
To fix this, I modified the stats.php file, replacing all instances of ‘manage_options’ with ‘moderate_comments’. This change allows both editors and admins to see stats by lowering the access level the plugin uses to decide if a user is authorized.
Thanks to this fix, I no longer have to log in as the blog administrator just to see stats.