From Slashdot: "Half the Mac OS X boxes in the world (confirmed on Mac OS X 10.4 Tiger and 10.5 Leopard) can be rooted through AppleScript: osascript -e 'tell app "ARDAgent" to do shell script "whoami"'; Works for normal users and admins, provided the normal user wasn't switched to via fast user switching. Secure? I think not." If you administrate Mac OS X systems in a lab environment where local users shouldn't be able to get root, this can affect you. Thankfully for most of us, the user must be logged in *locally* (into the window system) for this to work. A quick workaround is to remove the suid bit on the ARDAgent: sudo chmod u-s /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent This may be undone by repair permissions, though, and possibly breaks Remote Desktop, so keep an eye on it until Apple officially patches the bug.