The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.Referenceshttp://secunia.com/advisories/23922https://issues.rpath.com/browse/RPL-987http://lists.rpath.com/pipermail/security-announce/2007-January/000137.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/31942http://osvdb.org/32972
