Detections
Analytics
GEN004400 - Files executed through a mail aliases file must be owned by root.
Information
Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root.Solution
Edit the /etc/mail/aliases file (alternatively, /usr/lib/sendmail.cf). Locate the entries executing a program. They will appear similar to the following line.Aliasname: : /usr/local/bin/ls (or some other program name)
Ensure root owns the programs and the directory(ies) they reside in by using the chown command to change owner to root.
Procedure:
# chown root filename
See Also
http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip
Item Details
Audit Name: DISA AIX 5.3 STIG v1r2
Category: ACCESS CONTROL
References: 800-53|AC-6, CAT|I, CCI|CCI-000225, Rule-ID|SV-39506r1_rule, STIG-ID|GEN004400, Vuln-ID|V-833
Plugin: Unix
Control ID: 3356ee95539300c39b6e84275466f509cc7f4195ef7b46896edd5403e8971129