Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
General
cancel
Showing results for 
Search instead for 
Did you mean: 

Ownership of files executed through Mail aliases file

jk31214
Occasional Contributor

Ownership of files executed through Mail aliases file

I'm trying to meet some system security requirments for my 11i v2 box, but I'm having trouble determining one requirement.

 

"Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root"

 

Does this mean that only root should be listed after the : for each alias in /etc/mail/aliases ?

1 REPLY
Matti_Kurkela
Honored Contributor

Re: Ownership of files executed through Mail aliases file

I think it means: "if you have mail aliases that cause the mail to be piped to programs or scripts, those programs must be owned by root and located in a directory owned & writable by root only." (Yes, you can use aliases to pipe incoming mail to programs or scripts!)

 

For example, if you have an alias like this: (example from chapter 24.4, Special Aliases of the 2nd edition of Sendmail by O'Reilly)

mail-errors: "|/etc/mail/filter postmaster"

 ... then you must verify that /etc/mail/filter is owned by root and /etc/mail is owned and writable by root only.

 

If you don't have any executable aliases (the default /etc/mail/aliases certainly does not have any), then you don't have to do anything to comply with this requirement.

MK