Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which
allows local users to execute arbitrary commands.
it's now fixed in kdbg-1.2.1-7, built it in 2.1AS-errata-candidate tree
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.