UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files must not contain a plus (+) without defining entries for NIS+ netgroups.


Overview

Finding ID Version Rule ID IA Controls Severity
V-11987 GEN001980 SV-12488r2_rule ECCD-1 ECCD-2 Medium
Description
A plus (+) in system accounts' files causes the system to lookup the specified entry using NIS. If the system is not using NIS, no such entries should exist.
STIG Date
UNIX SRG 2013-03-26

Details

Check Text ( C-7952r2_chk )
Check system configuration files for plus (+) entries.

Procedure:
# find / -name .rhosts -exec grep + {} \;

# find / -name .shosts -exec grep + {} \;

# find / -name hosts.equiv -exec grep + {} \;

# find / -name shosts.equiv -exec grep + {} \;


# grep + /etc/passwd
# grep + /etc/shadow
# grep + /etc/group

If the .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files contain a plus (+) and do not define entries for NIS+ netgroups, this is a finding.

Fix Text (F-11248r2_fix)
Edit the .rhosts, .shosts, hosts.equiv, shosts.equiv, /etc/passwd, /etc/shadow, and/or /etc/group files and remove entries containing a plus (+).