6.2.9 Ensure no users have .forward files

Information

Theforward file specifies an email address to forward the user's mail to.

Use of theforward file poses a security risk in that sensitive data may be inadvertently transferred outside the organization. Theforward file also poses a risk as it can be used to execute commands that may perform unintended actions.

Solution

Making global modifications to users' files without alerting the user community can result in unexpected outages and unhappy users. Therefore, it is recommended that a monitoring policy be established to report userforward files and determine the action to be taken in accordance with site policy.

See Also

https://workbench.cisecurity.org/benchmarks/8498