openhpi ships with the /var/lib/openhpi/ directory set world readable and writeable. If this directory is used for storing the OPENHPI_UID_MAP or other openhpi data, for example, an attacker would be able to view, modify and delete it. Even without such usage, an attacker could use it to fill up the storage hosting the /var/lib/ directory if quotas are not properly set.
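The following is an added example, not code from the bug report or from openhpi itself: a small POSIX shell audit that reports whether a data directory is world-writable or world-readable (the weakness described above) and applies a hardened mode. The target mode 0750 and the use of a temporary directory that mimics the shipped permissions are this example's own choices, not the vendor's fix.

```shell
#!/bin/sh
# Added example (not from the bug report or openhpi): audit a data directory for
# world-writable / world-readable mode and harden it. Path and mode 0750 are
# assumptions of this example.

# Symbolic mode string of a path, e.g. drwxrwxrwx. Uses ls rather than
# stat -c so it works on non-GNU systems.
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# Exit 0 when "other" has the write bit: any local user can create, rename or
# delete entries in the directory (and fill the filesystem hosting it).
is_world_writable() {
    [ "$(ls -ld "$1" | cut -c9)" = "w" ]
}

# Exit 0 when "other" has the read bit: any local user can list the contents.
is_world_readable() {
    [ "$(ls -ld "$1" | cut -c8)" = "r" ]
}

# Print one audit line: mode, path, and the findings that matter for a data
# directory such as the one holding OPENHPI_UID_MAP.
audit_dir() {
    dir=$1
    findings=""
    if is_world_writable "$dir"; then
        findings="$findings world-writable"
    fi
    if is_world_readable "$dir"; then
        findings="$findings world-readable"
    fi
    if [ -z "$findings" ]; then
        findings=" ok"
    fi
    printf '%s %s:%s\n' "$(mode_string "$dir")" "$dir" "$findings"
}

# Drop all access for "other"; owner and group keep what they need
# (0750 is this example's chosen mode).
harden_dir() {
    chmod 0750 "$1"
}

# Demonstration on a constructed directory that mimics the shipped mode.
demo() {
    tmp=$(mktemp -d)
    mkdir -m 0777 "$tmp/openhpi"
    audit_dir "$tmp/openhpi"       # drwxrwxrwx .../openhpi: world-writable world-readable
    harden_dir "$tmp/openhpi"
    audit_dir "$tmp/openhpi"       # drwxr-x--- .../openhpi: ok
    rm -rf "$tmp"
}
```

Running `demo` prints the audit line before and after hardening; on a real host, point `audit_dir` at /var/lib/openhpi to check whether the shipped mode is still in place, and note that SELinux or ACL markers ls appends after the tenth character do not affect the check.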
Created openhpi tracking bugs for this issue: Affects: fedora-all [bug 1233521]
Acknowledgement: This issue was discovered by Marko Myllynen of Red Hat.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:2369 https://rhn.redhat.com/errata/RHSA-2015-2369.html
Statement: This issue affects the version of openhpi as shipped with Red Hat Enterprise Linux 5 and 6. This issue has been rated as having Low security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5 and 6.
*** Bug 1297458 has been marked as a duplicate of this bug. ***