I always assumed that, by default, standard users would not be allowed to download and install software in Mac OS X. But I just realized yesterday that they can. I'm baffled - isn't this a HUGE security vulnerability? For example, as a standard user, I am able to download and install Opera as long as I drag the app file to the user's desktop (instead of the Applications folder). How can I prevent this? I tried restricting permissions on Installer.app, but that didn't work.