CVE-2007-0536 Information

Description

The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups which causes packages to be installed with insecure permissions and might allow local users to gain privileges.

Reference

http://lists.rpath.com/pipermail/security-announce/2007-January/000137.html http://osvdb.org/32972 http://secunia.com/advisories/23922 https://exchange.xforce.ibmcloud.com/vulnerabilities/31942 https://issues.rpath.com/browse/RPL-987