UCF STIG Viewer Logo

The alias files must be group-owned by root or a system group.


Finding ID Version Rule ID IA Controls Severity
V-89645 VRAU-SL-000565 SV-100295r1_rule Medium
If the aliases and aliases.db file are not group owned by root or a system group, an unauthorized user may modify one or both of the files to add aliases to run malicious code or redirect email.
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2018-10-12


Check Text ( C-89337r1_chk )
Check the group-ownership of the alias files:

# ls -lL /etc/aliases
# ls -lL /etc/aliases.db

If the files are not group-owned by "root", this is a finding.
Fix Text (F-96387r1_fix)
Change the group-owner of the alias files to "root":

# chgrp root /etc/aliases
# chgrp root /etc/aliases.db