Gentoo Linux Security Advisory 201006-10 - multipath-tools does not set correct permissions on the socket file, making it possible to send arbitrary commands to the multipath daemon for local users. multipath-tools uses world-writable permissions for the socket file (/var/run/multipathd.sock). Versions less than 0.4.8-r1 are affected.
dc0a687d93a6023cf6ae31c5e7b458e40ff79f4cb9a7e66c6b7620869f08c65b