UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The setuid bit from Remote Access shell (unsecure) must be removed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-25294 OSX00270 M6 SV-38238r1_rule ECCD-1 ECCD-2 Medium
Description
Because attackers try to influence or co-opt the execution of setuid programs in order to try to elevate their privileges, there is benefit in removing the setuid bit from programs that may not need it. There is also benefit in restricting to administrators the right to execute a setuid program.
STIG Date
MAC OSX 10.6 Workstation Security Technical Implementation Guide Draft 2013-01-10

Details

Check Text ( C-37701r1_chk )
Open a terminal session and enter the following command.

ls -ld /usr/bin/rsh

Verify the file permissions are set to 555 or more restrictive. If not, this is a finding.
Fix Text (F-32942r1_fix)
Open a terminal session and enter the following command.

chmod 555 /usr/bin/rsh