{"description": "Local system users should not have a <tt>.rhost</tt> file in their home directory.", "rationale": "User configuration files with excessive or incorrect access may enable malicious users\nto steal or modify other users' data or to gain another user's system privileges.\nThe <tt>.rhost</tt> file provides the \"remote authentication\" database for the rcp, rlogin, and\nrsh commands and the rcmd() function. These files bypass the standard\npassword-based user authentication mechanism. They specify remote hosts and\nusers that are considered trusted (i.e. are allowed to access the local system\nwithout supplying a password).", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "any .rhost files exist", "ocil": "To check the system for the existence of any <tt>.rhost</tt> files,\nrun the following command:\n<pre>$ sudo find /home -xdev -name .rhost</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [{"general": "Automatic remediation of this rule is not available due to the unique\nrequirements of each system. Any .rhost files should be investigated\nand removed manually."}], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Verify No .rhost Files Exist", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/accounts/accounts-restrictions/password_storage/no_rhost_files/rule.yml", "template": null}