Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-11987 | GEN001980 | SV-12488r2_rule | ECCD-1 ECCD-2 | Medium |
Description |
---|
A plus (+) in system accounts' files causes the system to lookup the specified entry using NIS. If the system is not using NIS, no such entries should exist. |
STIG | Date |
---|---|
UNIX SRG | 2013-03-26 |
Check Text ( C-7952r2_chk ) |
---|
Check system configuration files for plus (+) entries. Procedure: # find / -name .rhosts -exec grep + {} \; # find / -name .shosts -exec grep + {} \; # find / -name hosts.equiv -exec grep + {} \; # find / -name shosts.equiv -exec grep + {} \; # grep + /etc/passwd # grep + /etc/shadow # grep + /etc/group If the .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files contain a plus (+) and do not define entries for NIS+ netgroups, this is a finding. |
Fix Text (F-11248r2_fix) |
---|
Edit the .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files and remove entries containing a plus (+). |