{"description": "The files <tt>/etc/hosts.equiv</tt> and <tt>~/.rhosts</tt> (in\neach user's home directory) list remote hosts and users that are trusted by the\nlocal system when using the rshd daemon.\nTo remove these files, run the following command to delete them from any\nlocation:\n<pre>$ sudo rm /etc/hosts.equiv</pre>\n<pre>$ rm ~/.rhosts</pre>", "rationale": "This action is only meaningful if <tt>.rhosts</tt> support is permitted\nthrough PAM. Trust files are convenient, but when used in conjunction with\nthe R-services, they can allow unauthenticated access to a system.", "severity": "high", "references": {"cis-csc": ["11", "12", "14", "15", "3", "8", "9"], "cobit5": ["APO13.01", "BAI10.01", "BAI10.02", "BAI10.03", "BAI10.05", "DSS01.04", "DSS05.02", "DSS05.03", "DSS05.05", "DSS06.06"], "hipaa": ["164.308(a)(4)(i)", "164.308(b)(1)", "164.308(b)(3)", "164.310(b)", "164.312(e)(1)", "164.312(e)(2)(ii)"], "isa-62443-2009": ["4.3.3.5.1", "4.3.3.5.2", "4.3.3.5.3", "4.3.3.5.4", "4.3.3.5.5", "4.3.3.5.6", "4.3.3.5.7", "4.3.3.5.8", "4.3.3.6.1", "4.3.3.6.2", "4.3.3.6.3", "4.3.3.6.4", "4.3.3.6.5", "4.3.3.6.6", "4.3.3.6.7", "4.3.3.6.8", "4.3.3.6.9", "4.3.3.7.1", "4.3.3.7.2", "4.3.3.7.3", "4.3.3.7.4", "4.3.4.3.2", "4.3.4.3.3"], "isa-62443-2013": ["SR 1.1", "SR 1.10", "SR 1.11", "SR 1.12", "SR 1.13", "SR 1.2", "SR 1.3", "SR 1.4", "SR 1.5", "SR 1.6", "SR 1.7", "SR 1.8", "SR 1.9", "SR 2.1", "SR 2.2", "SR 2.3", "SR 2.4", "SR 2.5", "SR 2.6", "SR 2.7", "SR 3.1", "SR 3.5", "SR 3.8", "SR 4.1", "SR 4.3", "SR 5.1", "SR 5.2", "SR 5.3", "SR 7.1", "SR 7.6"], "iso27001-2013": ["A.11.2.6", "A.12.1.2", "A.12.5.1", "A.12.6.2", "A.13.1.1", "A.13.2.1", "A.14.1.3", "A.14.2.2", "A.14.2.3", "A.14.2.4", "A.6.2.1", "A.6.2.2", "A.9.1.2"], "nist": ["CM-7(a)", "CM-7(b)", "CM-6(a)"], "nist-csf": ["PR.AC-3", "PR.IP-1", "PR.PT-3", "PR.PT-4"], "cis": ["7.2.10"]}, "control_references": {"cis": ["7.2.10"]}, "components": [], "identifiers": {}, "ocil_clause": "these files exist", "ocil": "The existence of the file <tt>/etc/hosts.equiv</tt> or a file named\n<tt>.rhosts</tt> inside a user home directory indicates the presence\nof an Rsh trust relationship.", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[rsh-server]", "platforms": ["package[rsh-server]"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["package_rsh-server"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Remove Rsh Trust Files", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/obsolete/r_services/no_rsh_trust_files/rule.yml", "template": null}