Oh fun times. At my high school we ran Macs with an extremely tight allow-list of programs. For example, we were locked out of Safari and had to use IE5.5. I think even the text editor was locked out. Shameful.
Come to find out one day that 1) This was enforced only at the Finder (file manager) level, and 2) the AppleScript tool was on the allow-list(!)
A quick "tell application terminal to open" was all I needed to get into a fully-open environment. Not having a quarrel with the school, I didn't mess with anything. I just used it to do real work (like SSHing to my home server to fetch docs I forgot to bring in, or working on my AP Comp Sci stuff). But I also found out that the AirPort admin passwords were simply the SSID, so on the last day of my Senior year I changed a bunch of SSIDs to funny things. I also dropped a line to IT (via long AirPort SSIDs) letting them (and the students paying attention) know of the vuln :P
Bonus story: Years later at uni, I accidentally discovered that the shared "podium" account (used by guests to give presentations, but usable on any machine) was being used by someone to store their, uh, video collection. Much to the chagrin of the multiple presenters that accidentally ran across it during their presentations. Not to mention the rich browser autocomplete.
Wow, I did basically the same thing back in middle school! Noticed a checkbox on my computer teacher's monitor that said "Allow privileged applications to run unprivileged applications." Asked for AppleScript privileges so I could "learn some programming" and wrote a bunch of scripts that did nothing but start an application.
Of course, saving and running them didn't work at all. But clicking Run from the AppleScript editor meant that a "privileged application" was starting an unprivileged one :D
It was a string match.
We called all our games winword.exe lol