UCF STIG Viewer Logo

Files executed through a mail aliases file must be group-owned by root, bin, sys, or system, and must reside within a directory group-owned by root, bin, sys, or system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-240437 VRAU-SL-000580 SV-240437r671052_rule Medium
Description
If a file executed through a mail aliases file is not group-owned by root or a system group, it may be subject to unauthorized modification. Unauthorized modification of files executed through aliases may allow unauthorized users to attain root privileges.
STIG Date
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2021-06-24

Details

Check Text ( C-43670r671050_chk )
Examine the contents of the /etc/aliases file:

# more /etc/aliases

Examine the aliases file for any directories or paths that may be utilized:

# ls -lL

Check the permissions for any paths referenced.

If the group-owner of any file is not "root", "bin", "sys", or "system", this is a finding.
Fix Text (F-43629r671051_fix)
Change the group-ownership of the file referenced from /etc/mail/aliases:

# chgrp root