STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware vRealize Automation 7.x SLES Security Technical Implementation Guide

V-240434

CAT II (Medium)

The alias files must be group-owned by root or a system group.

Rule ID

SV-240434r671043_rule

STIG

VMware vRealize Automation 7.x SLES Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000382

Discussion

If the aliases and aliases.db file are not group owned by root or a system group, an unauthorized user may modify one or both of the files to add aliases to run malicious code or redirect email.

Check Content

Check the group-ownership of the alias files:

# ls -lL /etc/aliases
# ls -lL /etc/aliases.db

If the files are not group-owned by "root", this is a finding.

Fix Text

Change the group-owner of the alias files to "root":

# chgrp root /etc/aliases
# chgrp root /etc/aliases.db