tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

check permissions of files used by rsh 

The old rsh (remote shell) grants access to users and hosts in the files
/etc/hosts.equiv and ~/r(login|hosts). If attackers can write to those
files, he can logon as a different user or even root (in case of roots
.r(login|hosts) only) to the system. While the rsh daemon usually checks
for non-root owners or write permissions, this may not be the case on
any system.

Those files might affect other services as well (rlogin, rcp, ...).

As hostnames and usernames are not verified securely, the use of rsh and
similar commands discouraged. It may still be in use on legacy systems
even today, so it should be secured as much as possible if not possible
to remove/replace.
This commit is contained in:
Simon Biewald 2020-06-20 17:08:56 +02:00
parent bd29a3e4e7
commit b7b132721e
No known key found for this signature in database
GPG Key ID: DAD5F452603F1344
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
default.prf
View File

@ -303,6 +303,9 @@ permfile=/etc/motd:rw-r--r--:root:root:WARN:
permfile=/etc/passwd:rw-r--r--:root:-:WARN:
permfile=/etc/passwd-:rw-r--r--:root:-:WARN:
permfile=/etc/ssh/sshd_config:rw-------:root:-:WARN:
permfile=/etc/hosts.equiv:rw-r--r--:root:root:WARN:
permfile=/root/.rhosts:rw-------:root:root:WARN:
permfile=/root/.rlogin:rw-------:root:root:WARN:
# These permissions differ by OS
#permfile=/etc/gshadow:---------:root:-:WARN: