There must be no user .rhosts files.
An XCCDF Rule
Description
Even though the .rhosts files are ineffective if support is disabled in /etc/pam.conf, they may have been brought over from other systems and could contain information useful to an attacker for those other systems.
- ID
- SV-216421r959010_rule
- Version
- SOL-11.1-070050
- Severity
- High
- References
- Updated
Remediation Templates
A Manual Procedure
The root role is required.
Remove any .rhosts files found.
# rm [file name]