STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root.

DISA Rule

SV-227840r603266_rule

Vulnerability Number

V-227840

Group Title

SRG-OS-000312

Rule Version

GEN004400

Severity

CAT I

CCI(s)

• CCI-002165 - The information system enforces organization-defined discretionary access control policies over defined subjects and objects.

Weight

10

Fix Recommendation

Edit the /etc/mail/aliases file (alternatively, /usr/lib/sendmail.cf). Locate the entries executing a program. They will appear similar to the following line.

Aliasname: : /usr/local/bin/ls (or some other program name)

Ensure root owns the programs and the directory(ies) they reside in by using the chown command to change owner to root.
Procedure:
# chown root filename

Check Contents

Find the aliases file on the system.

Procedure:
# find / -name aliases -depth -print
# more < aliases file location >

Examine the aliases file for any directories or paths that may be utilized.

Procedure:
# ls -lL < path >

Check if the file or parent directory is owned by root. If not, this is a finding.

Vulnerability Number

V-227840

Documentable

False

Rule Version

GEN004400

Severity Override Guidance

Find the aliases file on the system.

Procedure:
# find / -name aliases -depth -print
# more < aliases file location >

Examine the aliases file for any directories or paths that may be utilized.

Procedure:
# ls -lL < path >

Check if the file or parent directory is owned by root. If not, this is a finding.

Check Content Reference

M

Target Key

4061

Comments