GNU Rush 1.7 does not properly drop privileges, which allows local users to read arbitrary files via the --lint option.
gnu rush 1.7