Bug 320435 - dev-ruby/rubygems-1.3.7-r1 installs files world writable in jruby libs directory
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Ruby Team
Reported: 2010-05-18 17:33 UTC by Kaleb Pederson
Modified: 2010-08-03 16:09 UTC
Description Kaleb Pederson 2010-05-18 17:33:59 UTC
rubygems outputs warnings about files being created world writable:

...
QA Security Notice:
- /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/Gem/SourceIndex/remove_spec-i.yaml will be a world writable file.
- This may or may not be a security problem, most of the time it is one.
- Please double check that rubygems-1.3.7-r1 really needs a world writeable bit and file bugs accordingly.
QA Security Notice:
- /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/Gem/SourceIndex/search-i.yaml will be a world writable file.
- This may or may not be a security problem, most of the time it is one.
- Please double check that rubygems-1.3.7-r1 really needs a world writeable bit and file bugs accordingly.
QA Security Notice:
- /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/Gem/SourceIndex/size-i.yaml will be a world writable file.
- This may or may not be a security problem, most of the time it is one.
- Please double check that rubygems-1.3.7-r1 really needs a world writeable bit and file bugs accordingly.
...

And I can confirm that the files are indeed created world writable using find:

# find /usr/share/jruby -type f -perm -002 -ls | head -n 10
407797155    4 -rw-rw-rw-   1 root     root         1030 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/GemGauntlet/cdesc-GemGauntlet.yaml
407797156    4 -rw-rw-rw-   1 root     root          171 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/GemGauntlet/report-i.yaml
407797157    4 -rw-rw-rw-   1 root     root          169 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/GemGauntlet/run-i.yaml
407797158    4 -rw-rw-rw-   1 root     root          187 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/GemGauntlet/should_skip%3f-i.yaml
4815448    4 -rw-rw-rw-   1 root     root          528 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/TempIO/cdesc-TempIO.yaml
4815449    4 -rw-rw-rw-   1 root     root          171 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/TempIO/new-c.yaml
4815453    4 -rw-rw-rw-   1 root     root          201 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/TempIO/method_missing-i.yaml
4817151    4 -rw-rw-rw-   1 root     root          180 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/TempIO/respond_to%3f-i.yaml
4817166    4 -rw-rw-rw-   1 root     root          166 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/TempIO/string-i.yaml
138244307    4 -rw-rw-rw-   1 root     root          290 May 18 09:30 /usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/RbConfig/cdesc-RbConfig.yaml


Reproducible: Always

Steps to Reproduce:
1. set RUBY_TARGETS="jruby ruby18"
2. emerge rubygems




Portage 2.1.8.3 (default/linux/amd64/10.0/desktop, gcc-4.4.3, glibc-2.11.1-r0, 2.6.33-gentoo-r1 x86_64)
=================================================================
System uname: Linux-2.6.33-gentoo-r1-x86_64-AMD_Phenom-tm-_II_X4_810_Processor-with-gentoo-2.0.1
Timestamp of tree: Tue, 18 May 2010 15:30:17 +0000
ccache version 2.4 [enabled]
app-shells/bash:     4.1_p5
dev-java/java-config: 2.1.11
dev-lang/python:     2.6.5-r2, 3.1.2-r3
dev-util/ccache:     2.4-r8
dev-util/cmake:      2.8.1-r1
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.1-r1
sys-apps/sandbox:    2.2
sys-devel/autoconf:  2.13, 2.65
sys-devel/automake:  1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.3.4, 4.4.3-r2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
virtual/os-headers:  2.6.33
ACCEPT_KEYWORDS="amd64 ~amd64 ~x86"
ACCEPT_LICENSE="* -@EULA dlj-1.1 sun-bcla-java-vm PUEL"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=athlon64 -pipe -ggdb"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -march=athlon64 -pipe -ggdb"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests ccache distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync"
GENTOO_MIRRORS="http://gentoo.osuosl.org/ http://gentoo.mirrors.hoobly.com/ http://gentoo.wetzlmayr.com/ http://gentoo.gossamerhost.com http://gentoo.netnitco.net"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="en"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac acl acpi alsa amd64 antlr ao apache2 avahi bash-completion berkdb bluetooth branding bzip2 cairo cdda cddax cddb cdio cdr cleartype cli consolekit cracklib crypt css cups cxx dbus doc dri dts dv dvb dvd dvdr emboss encode exif expat extras fam ffmpeg firefox flac fontconfig fortran gcrypt gdbm gif gimp git gnutls gpg gphoto2 gpm gstreamer gtk hal iconv icu id3 id3tag imagemagick ipv6 jack java java6 jpeg jpeg2k kde kino lame lcms ldap libass libnotify libsysfs libv4l live lucene lzo mad matroska mikmod mjpeg mmx mng modules mp3 mp4 mpeg mplayer msn mudflap multilib musepack mysql ncurses netbeans nls npp nptl nptlonly nsplugin nvidia ogg openexr opengl openmp oscar pam pango pch pcre pdf perl png postgres ppds pppd pulseaudio python qt3support qt4 quicktime rdesktop rdesktop-vrdp rdp rdpusb readline redeyes reflection rss ruby samba scanner schroedinger sdl secure-delete semantic-desktop session smp sndfile sox spell spl sql sqlite sqlite3 sse sse2 ssl startup-notification subversion svg sysfs taglib tcpd theora threads tiff tk truetype twolame udev unicode upnp usb v4l2 vcd vcdinfo vcdx vim-syntax vorbis webkit wlm wma wma-fixed wmf x264 xcb xcomposite xine xinerama xml xorg xulrunner xv xvid xvmc zeroconf zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="wacom mouse keyboard evdev virtualbox" KERNEL="linux" LCD_DEVICES="bayrad 
cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" NETBEANS_MODULES="cnd dlight enterprise ergonomics profiler apisupport harness ide java nb websvccommon" RUBY_TARGETS="jruby ruby18" USERLAND="GNU" VIDEO_CARDS="nvidia virtualbox" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-08-03 16:09:39 UTC
As far as I can tell it's fixed in 1.3.7-r2.
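
The find check from the description, generalized into an audit-and-repair script; this is an added example, not part of the original report or of Portage. The function names and the sample tree are constructed for illustration, and the script goes beyond the report by also flagging world-writable directories that lack the sticky bit.

```shell
#!/bin/sh
# Added example (not from the bug report): audit a tree for world-writable
# entries and strip the bit. Function names are hypothetical.

# Regular files with o+w set; -type f skips symlinks, whose mode is always 777.
list_world_writable_files() {
    find "$1" -xdev -type f -perm -002 -print
}

# Directories with o+w but no sticky bit: any local user can delete or
# replace the entries inside them.
list_unsafe_dirs() {
    find "$1" -xdev -type d -perm -002 ! -perm -1000 -print
}

# Helper: count lines on stdin without the padding some wc builds add.
count_lines() { wc -l | tr -d ' '; }

# Remove o+w from the offending files and directories only; sticky
# directories such as /tmp are intentionally left untouched.
strip_world_writable() {
    find "$1" -xdev -type f -perm -002 -exec chmod o-w {} +
    find "$1" -xdev -type d -perm -002 ! -perm -1000 -exec chmod o-w {} +
}

# Constructed sample tree mirroring the paths in the report. The body runs
# in a subshell so the umask change does not leak to the caller.
make_sample_tree() (
    umask 022
    root=$(mktemp -d) || exit 1
    doc="$root/usr/share/jruby/lib/ruby/gems/1.8/doc/rubygems-1.3.7/ri/TempIO"
    mkdir -p "$doc" "$root/shared" "$root/tmp"
    : > "$doc/new-c.yaml";        chmod 666 "$doc/new-c.yaml"
    : > "$doc/string-i.yaml";     chmod 666 "$doc/string-i.yaml"
    : > "$doc/cdesc-TempIO.yaml"; chmod 644 "$doc/cdesc-TempIO.yaml"
    chmod 0777 "$root/shared"     # world-writable, no sticky bit: flagged
    chmod 1777 "$root/tmp"        # sticky, like /tmp: left alone
    printf '%s\n' "$root"
)

# Stand-alone use: pass a directory to list what would be changed.
if [ -n "${1:-}" ]; then
    list_world_writable_files "$1"
    list_unsafe_dirs "$1"
fi
```

Run it against an install image or a live prefix such as /usr/share/jruby to list offenders before calling strip_world_writable on the same path.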