First posted to Bugtraq by Scott Smith <scott@LACKLUSTER.NET> on January 5, 1998.
An archived copy of the exact message and Scott's followup can be found at http://www.geek-girl.com/bugtraq/1998_1/0007.html
DIT TransferPro 4.1
DIT's TransferPro product is a GUI-interface for the easy and fast transfer of files on various medium to and from a unix machine. The TransferPro product installs it's own 'ff driver', handling the various physical devices on the target machine. Apparently to avoid the necessity for 'system administration', the ff* devices (including the root device) are set with mode 0666. Being world read and writeable, the disk can then be wiped clean by anybody who knows what the ff devices are.
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org.
Add ff:* 0640 to /etc/minor_perm. This will set permissions on the devices managed by the ff driver properly.