Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.
Created nagios tracking bugs for this issue:
Affects: epel-all [bug 1490860]
Affects: fedora-all [bug 1490859]
In RHMAP both the /usr/sbin/nagios, and /etc/nagios/nagios.cfg files are owned by root.
sh-4.2$ ls -la /etc/nagios/nagios.cfg
-rwxrwxrwx. 1 root root 44259 Jun 16 00:13 /etc/nagios/nagios.cfg
sh-4.2$ ls -la /usr/sbin/nagios
-rwxr-xr-x. 1 root root 713872 Jan 31 2017 /usr/sbin/nagios
Setting RHMAP as not affected.