documentation_complete: true

# potentially obsolete, rsh-server is not available in RHEL9

title: 'Disable rlogin Service'

description: |-
    The <tt>rlogin</tt> service, which is available with
    the <tt>rsh-server</tt> package and runs as a service through xinetd or separately
    as a systemd socket, should be disabled.
    If using xinetd, set <tt>disable</tt> to <tt>yes</tt> in <tt>/etc/xinetd.d/rlogin</tt>.
    {{{ describe_socket_disable(socket="rlogin") }}}

rationale: |-
    The rlogin service uses unencrypted network communications, which
    means that data from the login session, including passwords and
    all other information transmitted during the session, can be
    stolen by eavesdroppers on the network.

severity: high

identifiers:
    cce@rhel8: CCE-80885-7
    cce@rhel9: CCE-88395-9
    cce@rhel10: CCE-88103-7
    cce@sle15: CCE-91419-2

references:
    cis-csc: 1,11,12,14,15,16,3,5,8,9
    cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.04,DSS05.05,DSS05.07,DSS05.10,DSS06.03,DSS06.06,DSS06.10
    cui: 3.1.13,3.4.7
    hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
    isa-62443-2009: 4.3.3.2.2,4.3.3.5.1,4.3.3.5.2,4.3.3.5.3,4.3.3.5.4,4.3.3.5.5,4.3.3.5.6,4.3.3.5.7,4.3.3.5.8,4.3.3.6.1,4.3.3.6.2,4.3.3.6.3,4.3.3.6.4,4.3.3.6.5,4.3.3.6.6,4.3.3.6.7,4.3.3.6.8,4.3.3.6.9,4.3.3.7.1,4.3.3.7.2,4.3.3.7.3,4.3.3.7.4,4.3.4.3.2,4.3.4.3.3
    isa-62443-2013: 'SR 1.1,SR 1.10,SR 1.11,SR 1.12,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.6,SR 1.7,SR 1.8,SR 1.9,SR 2.1,SR 2.2,SR 2.3,SR 2.4,SR 2.5,SR 2.6,SR 2.7,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6'
    iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.18.1.4,A.6.2.1,A.6.2.2,A.7.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.2,A.9.4.3
    nist: CM-7(a),CM-7(b),CM-6(a),IA-5(1)(c)
    nist-csf: PR.AC-1,PR.AC-3,PR.AC-6,PR.AC-7,PR.IP-1,PR.PT-3,PR.PT-4

{{{ complete_ocil_entry_socket_and_service_disabled("rlogin") }}}

platform: system_with_kernel

{{% if product == "sle15" %}}
template:
    name: xinetd_service_disabled
    vars:
        servicename: rlogin
        packagename: rsh-server
{{% else %}}
template:
    name: service_disabled
    vars:
        servicename: rlogin
        packagename: rsh-server
{{% endif %}}