Files executed through a mail aliases file must have mode 0755 or less permissive.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-834 | GEN004420 | SV-35043r1_rule | ECLP-1 | Medium |
| Description |
|---|
| If a file executed through a mail alias file has permissions greater than 0755, it can be modified by an unauthorized user and may contain malicious code or instructions possibly compromising the system. |
| STIG | Date |
|---|---|
| HP-UX 11.31 Security Technical Implementation Guide | 2018-09-14 |
Details
| Check Text ( C-36562r1_chk ) |
|---|
| Examine the aliases file on the system for any utilized directories or paths. # cat /etc/mail/aliases | cut -f 2,2 -d ":" | grep "|" Check the permissions for any file paths referenced. # ls -lL If any file referenced from the aliases file has a mode more permissive than 0755, this is a finding. |
| Fix Text (F-31930r1_fix) |
|---|
| Use the chmod command to change the access permissions for files executed from the aliases file. For example: # chmod 0755 |