Name Service Switch does not use NIS

An XCCDF Rule

Details
Profiles
Prose

Description

Each call to a function which retrieves data from a system database like the password or group database is handled by the Name Service Switch implementation in the GNU C library. The various services provided are implemented by independent modules, each of which naturally varies widely from the other. One of such modules is the nis module, which allows to get information from NIS servers.

warning alert: Warning

This rule does not have remediation. Editing the /etc/nsswitch.conf incorrectly can disrupt access to the system.

Rationale

NIS service is insecure and should not be used.

ID: xccdf_org.ssgproject.content_rule_no_nis_in_nsswitch
Severity: Medium
References: R69

CCE-86076-7
Updated: 5 days ago