I have some users who are allowed to login using webconfig only. There they are set up with a skin that shows the scripts only, hence they cannot really do anything to the config even though the scripts requires the users to have write policy enabled.
I've had scripts that disables / enables interfaces, which has been working fine for two years.

Now I've created some new scripts that sends WOL: The problem is, in order to let these users run this one line script, the users group need to have ALL of these policies enabled: reboot, write, test, password, sniff, ftp, read, policy, web. sensitive and rmon!
If this user group lack any one of these policies the users receive the message "Couldn't perform action - not permitted (9)" when they try to run the script.

And the worst thing about this is that the users are given the [design skin] button in their skin, which makes them able to add users management section to their skin. Combined with the policy policy which makes them able to create them selves a new admin account. Is there really no way to give a user access to run a WOL command in a script without provide full admin rights?