Navigate

Check: GEN002060

HP-UX 11.31 STIG: GEN002060 (in versions v1 r19 through v1 r13)

Title

All .rhosts, .shosts, .netrc, or hosts.equiv files must be accessible by only root or the owner. (Cat II impact)

Discussion

If these files are accessible by users other than root or the owner, they could be used by a malicious user to set up a system compromise.

Check Content

# find / -type f -name .rhosts # ls -alL /<directorylocation>/.rhosts # find / -type f -name .shosts # ls -alL /<directorylocation>/.shosts # find / -type f -name hosts.equiv # ls -lL /<directorylocation>/hosts.equiv # find / -type f -name shosts.equiv # ls -lL /<directorylocation>/shosts.equiv If the .rhosts, .shosts, hosts.equiv, or shosts.equiv files have permissions greater than 700, this is a finding.

Fix Text

Ensure the permission for these files is set at 700 or less and the owner is the owner of the home directory that it is in. These files, outside of home directories (other than hosts.equiv which is in /etc and owned by root), have no meaning.

Additional Identifiers

Rule ID: SV-34960r1_rule

Vulnerability ID: V-4428

Group Title: GEN002060

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000225	The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
AC-6	Least Privilege