Description

Local system users should not have a .rhost file in their home directory.

Rationale

User configuration files with excessive or incorrect access may enable malicious users to steal or modify other users’ data or to gain another user’s system privileges. The .rhost file provides the “remote authentication” database for the rcp, rlogin, and rsh commands and the rcmd() function. These files bypass the standard password-based user authentication mechanism. They specify remote hosts and users that are considered trusted (i.e. are allowed to access the local system without supplying a password).

Warning

Automatic remediation of this rule is not available due to the unique requirements of each system. Any .rhost files should be investigated and removed manually.