UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Files executed through a mail aliases file must have mode 0755 or less permissive.


Overview

Finding ID Version Rule ID IA Controls Severity
V-834 GEN004420 SV-37494r2_rule Medium
Description
If a file executed through a mail aliases file has permissions greater than 0755, it can be modified by an unauthorized user and may contain malicious code or instructions potentially compromising the system.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2016-06-01

Details

Check Text ( C-36152r4_chk )
If the "sendmail" package is not installed, this is not applicable.

Examine the contents of the /etc/aliases file.

Procedure:
# more /etc/aliases
Examine the aliases file for any referenced programs, which are specified with the pipe (|) symbol.

# ls -lL
Check the permissions for any paths referenced.
If any file referenced from the aliases file has a mode more permissive than 0755, this is a finding.
Fix Text (F-31403r2_fix)
Use the chmod command to change the access permissions for files executed from the alias file.

For example:
# chmod 0755 filename