Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-240437 | VRAU-SL-000580 | SV-240437r671052_rule | Medium |
Description |
---|
If a file executed through a mail aliases file is not group-owned by root or a system group, it may be subject to unauthorized modification. Unauthorized modification of files executed through aliases may allow unauthorized users to attain root privileges. |
STIG | Date |
---|---|
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide | 2023-09-22 |
Check Text ( C-43670r671050_chk ) |
---|
Examine the contents of the /etc/aliases file: # more /etc/aliases Examine the aliases file for any directories or paths that may be utilized: # ls -lL Check the permissions for any paths referenced. If the group-owner of any file is not "root", "bin", "sys", or "system", this is a finding. |
Fix Text (F-43629r671051_fix) |
---|
Change the group-ownership of the file referenced from /etc/mail/aliases: # chgrp root |