• info
• discussion
• exploit
• solution
• references

Rpath Linux CVE-2007-0536 Local Security Vulnerability

Rpath Linux is prone to a local security vulnerability. The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.