The classic implementation of ramfs and many other user fileservers based on it have a serious bug regarding the 9p protocol :
If you open a file for which you have Read/Execute Permission you are free to write to that file by sending Twrite requests.
rwrite doesn't check if the file was opened for read, write or execute.
A possible solution for this problem is enhancing the meaning of Fid.open from an indicator for open files to an indicator for open files and the mode they were opened :
0x80 ... file is open
0x40 ... opened for reading
0x20 ... opened for writing
0x10 ... opened for execution
While ramfs is regared as a toy program with minimal permission checking many user file servers around are based on this example like all the tools in tapefs.