UCF STIG Viewer Logo

The alias file must be owned by root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-831 GEN004360 SV-37472r2_rule Medium
Description
If the alias file is not owned by root, an unauthorized user may modify the file adding aliases to run malicious code or redirect e-mail.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2017-03-01

Details

Check Text ( C-36137r2_chk )
If the "sendmail" and "postfix" packages are not installed, this is not applicable.

Check the ownership of the alias files.

Procedure:
for sendmail:
# ls -lL /etc/aliases
# ls -lL /etc/aliases.db
If all the files are not owned by root, this is a finding.

for postfix:
Verify the location of the alias file.
# postconf alias maps

This will return the location of the "aliases" file, by default "/etc/postfix/aliases"

# ls -lL
# ls -lL
If all the files are not owned by root, this is a finding.

Fix Text (F-31384r1_fix)
Change the owner of the /etc/aliases file to root.

Procedure:
for sendmail:
# chown root /etc/aliases
# chown root /etc/aliases.db

for postfix
# chown root /etc/postfix/aliases
# chown root /etc/postfix/aliases.db