UCF STIG Viewer Logo

The rsh service must be disabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-51417 OSX8-00-00050 SV-65627r1_rule High
Description
Some networking protocols may not meet security requirements to protect data and components. The organization can either make a determination as to the relative security of the networking protocol or base the security decision on the assessment of other entities. Based on that assessment some may be deemed to be nonsecure except for explicitly identified components in support of specific operational requirements.
STIG Date
Apple OS X 10.8 (Mountain Lion) Workstation STIG 2015-02-10

Details

Check Text ( C-53753r1_chk )
The "rshd" service should be disabled. To check the status of the service, run the following command:

sudo defaults read /System/Library/LaunchDaemons/shell Disabled

If the result is not "1", this is a finding.
Fix Text (F-56215r1_fix)
To set the "rshd" service to disabled, run the following command:

sudo defaults write /System/Library/LaunchDaemons/shell Disabled 1