The ARD thing was basically this: when running Remote Desktop, one thing you can do is "send shell script". This script can either run as the current user on the target computer, or as root (practically all of the time you want to run it as root, though, annoyingly, as user is the default). To do this, the admin tells the client to execute the command. It appears to have used AppleScript as a channel to do this. So basically the exploit was to use the same method (locally) to tell the local ARD client to run the shell command, as root.
To fix this probably required substantial re-engineering of how ARD sends shell commands.
I don't know if it's related to my issue or not; it's quite possible. I don't know for certain when it stopped working, but my best memory is around 10.6 or 10.7. (It may have worked in 10.6 until a specific update hit.)
I've been mulling it over. I also needed a way for users to resume a printer queue that was paused, which a standard user doesn't have the authority to do. (If a printer runs out of paper while a user is printing, it will pause. If they don't fix it and log out, the printer remains paused on the computer FOR ALL USERS until an admin unpauses it.) So I had to write a daemon that unpauses printers for users when they log in. (It sent a request to a daemon that was running as root, whose only feature was to unpause printers.) I have since gotten rid of that since I figured out how to allow non-admins to resume queues, but I could use the same technique here I think. Store a text string in the user's home in a hidden file, owned by the user, ~/.message for example. Have a launch agent running for the user, and if it sees that file and it's owned by the user, display the dialog using the text in the file, and remove the message file. Convoluted, but functional. *shrug*
I certainly do seem to be running into lots of opportunities to create very creative and customized solutions in my new job...
OK, weirdness ensues... if I log in as root and try this:
osascript -e "tell application \"System Events\" to display dialog \"access to Video Server has been restored\" buttons {\"OK\"} default button 1 with title \"Message from Administrator\" with icon file \"Macintosh HD:System:Library:CoreServices:Feedback Assistant.app:Contents:Resources:State-Success.icns\""
it gives me:
36:284: execution error: An error of type -10810 has occurred. (-10810)
BUT... if I use ARD to send shell command to the computer, with a user logged in, and send the above command as root, it WORKS.
Yeah, ARD is definitely hacking around the system's security now.
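A sketch of the per-user launch agent helper for the ~/.message scheme described earlier in the thread, as an added example that is not the poster's code. The function names, the `run` argument, the size cap and the symlink check are assumptions; the file name and dialog wording come from the posts.

```shell
#!/bin/sh
# Added example: helper a per-user LaunchAgent could run for the ~/.message
# scheme. All names below are illustrative, not from the original posts.

MAX_BYTES=500   # assumed cap so an oversized file cannot flood the dialog

# Succeeds only if $1 is a regular file (not a symlink) owned by this user.
message_is_trusted() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || return 1
    owner=$(ls -ldn -- "$f" | awk '{print $3}')   # numeric uid column
    [ "$owner" = "$(id -u)" ]
}

# Prints the message text, length-capped, with control characters removed
# (tab and newline are kept).
read_message() {
    head -c "$MAX_BYTES" -- "$1" | tr -d '\000-\010\013-\037\177'
}

# Shows the dialog. The text travels as a run-handler argument rather than
# being pasted into the script source, so quotes in the file cannot change
# the AppleScript. The literal "msg" is a dummy first argument so that text
# starting with "-" is never parsed as an osascript option.
show_dialog() {
    osascript \
        -e 'on run argv' \
        -e 'tell application "System Events" to display dialog (item 2 of argv) buttons {"OK"} default button 1 with title "Message from Administrator"' \
        -e 'end run' \
        msg "$1"
}

# Validate, read, remove the file, then display. Returns non-zero when the
# file is absent, fails the checks, or is empty.
process_message() {
    message_is_trusted "$1" || return 1
    text=$(read_message "$1")
    rm -f -- "$1"
    [ -n "$text" ] && show_dialog "$text"
}

# The LaunchAgent would invoke this script with the single argument "run".
if [ "${1:-}" = "run" ]; then
    process_message "$HOME/.message"
fi
```

Because the agent runs inside the logged-in user's session, the dialog is shown without any root process talking to the GUI; the root side only writes the file and chowns it to the user.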