Comment 24 for bug 909569

Draft of vulnerability description.

-----

Title: Swift does not drop all group privileges
Impact: Low
Reporter: David Black
Products: Swift
Affects: All versions

Description:
David Black reported a vulnerability in Swift. Swift is started with root privileges and then switches to a less privileged user. The code that implements dropping root privileges did not properly clear the list of groups.

This issue is not exploitable by itself. However, it is considered a security issue as it could potentially result in an increase in what could be accomplished by exploiting another security vulnerability in Swift.