6.2.13 Ensure users' .netrc Files are not group or world accessible

Information

While the system administrator can establish secure permissions for users' .netrc files, the users can easily override these. .netrc files may contain unencrypted passwords that may be used to attack other systems.

Solution

Making global modifications to users' files without alerting the user community can result in unexpected outages and unhappy users. Therefore, it is recommended that a monitoring policy be established to report user .netrc file permissions and determine the action to be taken in accordance with site policy.

See Also

https://workbench.cisecurity.org/files/1866

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|14.4

Plugin: Unix

Control ID: d725d528e10e6c432985bfb01be5ae39f163b37d8c084103c961ed0b76eaa75b