It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission.
Statement: Not vulnerable. This issue did not affect the versions of openshift-origin-node-util as shipped with any current versions of Red Hat Open Shift Enterprise as they do not include the watchman code.
However we do expect to ship it in OSE 2.1 so this is good to know.