UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files must not contain a plus (+) without defining entries for NIS+ netgroups.


Overview

Finding ID Version Rule ID IA Controls Severity
V-11987 GEN001980 SV-63581r1_rule ECCD-1 ECCD-2 Medium
Description
A plus (+) in system accounts files causes the system to lookup the specified entry using NIS. If the system is not using NIS, no such entries should exist.
STIG Date
Oracle Linux 5 Security Technical Implementation Guide 2015-06-05

Details

Check Text ( C-52237r2_chk )
Check system configuration files for plus (+) entries.

Procedure:
# find / -name .rhosts
# grep + //.rhosts

# find / -name .shosts
# grep + //.shosts

# find / -name hosts.equiv
# grep + //hosts.equiv

# find / -name shosts.equiv
# grep + //shosts.equiv

# grep + /etc/passwd
# grep + /etc/shadow
# grep + /etc/group

If the .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files contain a plus (+) and do not define entries for NIS+ netgroups, this is a finding.
Fix Text (F-54185r1_fix)
Edit the .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files and remove entries containing a plus (+).