UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

There must be no user .rhosts files.


Overview

Finding ID Version Rule ID IA Controls Severity
V-48119 SOL-11.1-070050 SV-60991r1_rule High
Description
Even though the .rhosts files are ineffective if support is disabled in /etc/pam.conf, they may have been brought over from other systems and could contain information useful to an attacker for those other systems.
STIG Date
Solaris 11 SPARC Security Technical Implementation Guide 2015-04-03

Details

Check Text ( C-50551r2_chk )
The root role is required.

Check for the presence of .rhosts files.

# for dir in \
`logins -ox | awk -F: '($8 == "PS") { print $6 }'`; do
find ${dir}/.rhosts -type f -ls 2>/dev/null
done

If output is produced, this is a finding.
Fix Text (F-51727r1_fix)
The root role is required.

Remove any .rhosts files found.

# rm [file name]