STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The alias file must be owned by root.

DISA Rule

SV-831r2_rule

Vulnerability Number

V-831

Group Title

GEN004360

Rule Version

GEN004360

Severity

CAT II

CCI(s)

CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Weight

Fix Recommendation

Change the owner of the /etc/mail/aliases file (or equivalent, such as /usr/lib/aliases) to root.

Procedure:
# chown root /etc/mail/aliases

Check Contents

Find the aliases file on the system.

Procedure:
# find / -name aliases -depth -print

Check the ownership of the alias file.

Procedure:
# ls -lL <alias location>

If the file is not owned by root, this is a finding.

Vulnerability Number

V-831

Documentable

False

Rule Version

GEN004360

Severity Override Guidance

Check Content Reference

Responsibility

System Administrator

Target Key

1386

STIGQter: STIG Summary: VMware ESX 3 Server Version: 1 Release: 2 Benchmark Date: 22 Jul 2016: The alias file must be owned by root.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments