UCF STIG Viewer Logo

The alias files must be owned by root.


Finding ID Version Rule ID IA Controls Severity
V-240433 VRAU-SL-000560 SV-240433r671040_rule Medium
If the alias and aliases.db files are not owned by root, an unauthorized user may modify the file to add aliases to run malicious code or redirect email.
VMware vRealize Automation 7.x SLES Security Technical Implementation Guide 2023-09-22


Check Text ( C-43666r671038_chk )
Check the ownership of the alias file:

# ls -lL /etc/aliases
# ls -lL /etc/aliases.db

If all the files are not owned by "root", this is a finding.
Fix Text (F-43625r671039_fix)
Change the owner of the alias files to "root":

# chown root /etc/aliases
# chown root /etc/aliases.db