Flipit relies _entirely_ on Unix file permissions for security.

The X10 Firecracker/CM17a works by attaching to a serial port, so if
flipit is able to open the specified serial port then it will operate
properly.

It does this because any other security mechanism can be worked around
by the user simply compiling their own copy of flipit.  In other
words, if a user can open the port's tty device, they can mess with
your Firecracker/cm17a anyway.

I'm wrong here, please let me know at <matt@lickey.com>.
