passenger is vulnerable to information disclosure attacks. The vulnerability exists through an insecure permissions vulnerability where a normal user of the UNIX system could swap the application’s user directory to redirect traffic to a non-application user’s process through an alternative UNIX domain socket, causing information disclosure