Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-239532 | VROM-SL-000565 | SV-239532r662047_rule | Medium |
Description |
---|
If a file executed through a mail alias file has permissions greater than 0755, it can be modified by an unauthorized user and may contain malicious code or instructions that could compromise the system. |
STIG | Date |
---|---|
VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide | 2023-09-21 |
Check Text ( C-42765r662045_chk ) |
---|
Examine the contents of the "/etc/aliases" file: # more /etc/aliases Examine the aliases file for any directories or paths that may be utilized: # ls -lL Check the permissions for any paths referenced. If any file referenced from the aliases file has a mode more permissive than "0755", this is a finding. |
Fix Text (F-42724r662046_fix) |
---|
Use the chmod command to change the access permissions for files executed from the alias file: # chmod 0755 |