VP/ix security hole with DOS partition

[Andrew Phillips]

To access the DOS partition on a hard disk requires changing the
protection on /dev/hd00 (or /dev/hd01 for the second hard disk).  I
believe that since this device is the whole of the hard disk and
(presumably) has Xenix filesystems on it this will allow anybody to
access any file in these filesystems.

For example, we have /dev/hd00 readable by all so that VP/ix users
can read files on it. This would mean that a knowledgeable user could
read any file on that drive which includes the root filesystem.
Worse still would be if you wanted to allow anyone to write to the
DOS partition - you would have to make /dev/hd00 writeable by all.

I would appreciate any clarification.
-- 
Andrew Phillips (andrew at teslab.lab.oz.au) Phone +61 (Aust) 2 (Sydney) 289 8712