Command aliases (UNIX)

Module: System Mail

This check looks for mail aliases piped to a command. This is a potential security problem because it allows outside access to the command. In particular, any command that allows reading and writing of files or escapes to shell can provide unauthorized access to your system. Use the file list to exclude aliases from this check. Specify the full executable path name without quotes or flags to exclude all aliases piped to that executable.

The following table lists the error messages for the check.

Table: Error messages for Command aliases

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: STKU_ALIASCMD Category: System Information	UNIX (6030)	Title: Alias piped to command Description:The listed mail aliases are piped to a command. This means that the command can be accessed from outside. Commands that allow reading and writing of files or escapes to shell can provide unauthorized access to your system. You should examine the listed mail aliases and remove from the aliases file any commands that provide unintended access.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]
String ID: STKU_BADALIASCMD Category: System Information	UNIX (6031)	Title: Alias piped to shell program Description:The listed mail aliases are piped to a command that is a known security risk. Commands that allow reading and writing of files or escapes to shell can provide unauthorized access to your system. You should remove these commands from the aliases file.	Severity: red-4 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [%s]

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_ALIASCMD

Category: System Information

UNIX (6030)

Title: Alias piped to command

Description:The listed mail aliases are piped to a command. This means that the command can be accessed from outside. Commands that allow reading and writing of files or escapes to shell can provide unauthorized access to your system. You should examine the listed mail aliases and remove from the aliases file any commands that provide unintended access.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_BADALIASCMD

Category: System Information

UNIX (6031)

Title: Alias piped to shell program

Description:The listed mail aliases are piped to a command that is a known security risk. Commands that allow reading and writing of files or escapes to shell can provide unauthorized access to your system. You should remove these commands from the aliases file.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]