UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The aliases file must be group-owned by root, sys, bin, or system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22438 GEN004370 SV-45848r2_rule ECLP-1 Medium
Description
If the alias file is not group-owned by root or a system group, an unauthorized user may modify the file adding aliases to run malicious code or redirect e-mail.
STIG Date
SUSE Linux Enterprise Server v11 for System z 2015-01-26

Details

Check Text ( C-43146r2_chk )
If the “sendmail” or “postfix” packages are not installed, this is not applicable.

Check the group ownership of the alias files.

Procedure:
for sendmail:
# ls -lL /etc/aliases
If the file is not group-owned by root, this is a finding.

# ls -lL /etc/aliases.db
If the file is not group-owned by root, this is a finding.

for postfix:
Verify the location of the alias file.
# postconf alias_maps

This will return the location of the "aliases" file, by default "/etc/aliases".

# ls -lL
If the file is not group-owned by root, this is a finding.

# ls -lL
If the file is not group-owned by root, this is a finding.
Fix Text (F-39232r2_fix)
Change the group-owner of the /etc/aliases file.

Procedure:
for sendmail:
# chgrp root /etc/aliases
# chgrp root /etc/aliases.db


for postfix
# chgrp root
# chgrp root