From the F-Secure site: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashb...
On execution, the malware will prompt the unsuspecting user for the administrator password. Whether or not the user inputs the administrator password, the malware will attempt to infect the system, though entering the password will affect how the infection is done.
If infection is successful, the malware will modify the contents of certain webpages displayed by web browsers; the specific webpages targeted and changes made are determined based on configuration information retrieved by the malware from a remote server.
It specifically states that the malware will infect the machine even if the user does not give permission.