Information
While no .rhosts files are shipped with Solaris, users can easily create them.
This action is only meaningful if .rhosts support is permitted in the PAM configuration.
Even though the .rhosts files are ineffective if support is disabled in the PAM
configuration, they may have been brought over from other systems and could contain
information useful to an attacker for those other systems.
Solution
Correct or justify any items discovered in the Audit step. Determine if any user .rhosts
files are present in user directories and work with those users to determine the best course
of action in accordance with site policy.