Dirac · Dirac · CVE-2024-29905
**Name of the Vulnerable Software and Affected Versions**
DIRAC versions prior to 8.0.41
**Description**
DIRAC is a software framework for distributed computing. During the proxy generation process, such as when using `dirac-proxy-init`, unauthorized users on the same machine can gain read access to the proxy. This allows such a user to perform any action possible with the original proxy. The vulnerability exists only for a short period, specifically a sub-millisecond time frame, during the generation process.
**Recommendations**
For versions prior to 8.0.41, update to version 8.0.41 to resolve the issue.
As a temporary workaround, setting the `X509_USER_PROXY` environment variable to a path inside a directory readable only by the current user avoids the potential risk. After the file has been written, it can be safely copied to the standard location (`/tmp/x509up_uNNNN`).
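
The workaround above, written as a shell wrapper. This is an added example, not code from the advisory or from the DIRAC project. The function name `generate_proxy_privately` and its arguments are hypothetical, and the final copy is done as a staged rename so that the file in the standard location is never created with wider permissions.

```shell
#!/bin/sh
# Added example, not DIRAC code. generate_proxy_privately is a hypothetical helper.
# Usage: generate_proxy_privately DEST GENERATOR [ARGS...]
#   e.g. generate_proxy_privately "/tmp/x509up_u$(id -u)" dirac-proxy-init

generate_proxy_privately() {
    dest=$1
    shift

    # mktemp -d creates the directory with mode 0700, so other local users
    # cannot reach any file inside it, whatever that file's own mode is.
    workdir=$(mktemp -d) || return 1

    # Subshell: the X509_USER_PROXY override and umask do not leak to the caller.
    if ! ( umask 077; X509_USER_PROXY="$workdir/proxy"; export X509_USER_PROXY; "$@" ); then
        rm -rf "$workdir"
        return 1
    fi

    # Refuse to publish a missing or empty proxy file.
    if [ ! -s "$workdir/proxy" ]; then
        rm -rf "$workdir"
        return 1
    fi

    # Stage next to DEST: mktemp creates the file with mode 0600, and a rename
    # within one directory is atomic, so DEST is never readable by others.
    staged=$(mktemp "$dest.XXXXXX") || { rm -rf "$workdir"; return 1; }
    if cat "$workdir/proxy" > "$staged" && mv -f "$staged" "$dest"; then
        rc=0
    else
        rc=1
        rm -f "$staged"
    fi
    rm -rf "$workdir"
    return "$rc"
}
```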