======6.2.13 Ensure users' .netrc Files are not group or world accessible (Scored)======

=====Profile Applicability=====

  * Level 1 - Server
  * Level 1 - Workstation

=====Description=====

While the system administrator can establish secure permissions for users' ''.netrc'' files, the users can easily override these.

=====Rationale=====

''.netrc'' files may contain unencrypted passwords that may be used to attack other systems.

=====Audit=====

Run the following script and verify no results are returned:

<code bash>
#!/bin/bash
# Walk the home directory of every interactive, non-system account
# (root, sync, halt, shutdown and nologin shells are skipped) and report
# any group or other permission bit set on that account's .netrc file.
for dir in $(grep -Ev '(root|sync|halt|shutdown)' /etc/passwd | awk -F: '($7 != "/usr/sbin/nologin") { print $6 }'); do
    for file in "$dir/.netrc"; do
        # Only regular files are checked; symlinks are ignored.
        if [ ! -h "$file" -a -f "$file" ]; then
            # First field of ls -ld, e.g. -rw-r-----
            fileperm=$(ls -ld "$file" | cut -f1 -d" ")
            # Characters 5-7 are the group bits, 8-10 the other (world) bits.
            if [ "$(echo "$fileperm" | cut -c5)" != "-" ]; then
                echo "Group Read set on $file"
            fi
            if [ "$(echo "$fileperm" | cut -c6)" != "-" ]; then
                echo "Group Write set on $file"
            fi
            if [ "$(echo "$fileperm" | cut -c7)" != "-" ]; then
                echo "Group Execute set on $file"
            fi
            if [ "$(echo "$fileperm" | cut -c8)" != "-" ]; then
                echo "Other Read set on $file"
            fi
            if [ "$(echo "$fileperm" | cut -c9)" != "-" ]; then
                echo "Other Write set on $file"
            fi
            if [ "$(echo "$fileperm" | cut -c10)" != "-" ]; then
                echo "Other Execute set on $file"
            fi
        fi
    done
done
</code>

=====Remediation=====

Making global modifications to users' files without alerting the user community can result in unexpected outages and unhappy users. Therefore, it is recommended that a monitoring policy be established to report user ''.netrc'' file permissions and determine the action to be taken in accordance with site policy.

=====Notes=====

While the complete removal of ''.netrc'' files is recommended, if any are required on the system, secure permissions must be applied.
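The same check can be written against the octal mode reported by stat(1) instead of cutting columns out of ls(1) output, which makes it easy to reuse as a monitoring probe. This is an added example, not the benchmark's own audit script; it assumes GNU coreutils (Linux), and the ''netrc_findings'', ''audit_netrc_files'' and ''demo_netrc_audit'' names are the example's own.

```shell
#!/bin/bash
# Added example (not the benchmark's script): report group/other permission
# bits on a .netrc file from its octal mode. Assumes GNU coreutils stat(1).

# Print one line per group/other bit set on FILE; print nothing for symlinks,
# non-regular files, or files already at mode 0600 or tighter.
netrc_findings() {
    file="$1"
    # Skip symlinks and anything that is not a regular file, as the audit does.
    if [ -h "$file" ] || [ ! -f "$file" ]; then return 0; fi
    # Zero-pad so a setuid/setgid/sticky digit never shifts the columns.
    mode=$(printf '%04d' "$(stat -c '%a' "$file")")
    group=$(printf '%s' "$mode" | cut -c3)   # group rwx digit
    other=$(printf '%s' "$mode" | cut -c4)   # other (world) rwx digit
    [ $(( group & 4 )) -ne 0 ] && echo "Group Read set on $file"
    [ $(( group & 2 )) -ne 0 ] && echo "Group Write set on $file"
    [ $(( group & 1 )) -ne 0 ] && echo "Group Execute set on $file"
    [ $(( other & 4 )) -ne 0 ] && echo "Other Read set on $file"
    [ $(( other & 2 )) -ne 0 ] && echo "Other Write set on $file"
    [ $(( other & 1 )) -ne 0 ] && echo "Other Execute set on $file"
    return 0
}

# Walk the same set of home directories the benchmark audit walks. The passwd
# file defaults to /etc/passwd but can be pointed at a constructed copy.
audit_netrc_files() {
    passwd="${1:-/etc/passwd}"
    grep -Ev '(root|sync|halt|shutdown)' "$passwd" \
      | awk -F: '($7 != "/usr/sbin/nologin") { print $6 }' \
      | while read -r dir; do netrc_findings "$dir/.netrc"; done
}

# Constructed demo: a temporary home with a group-readable (0640) .netrc.
demo_netrc_audit() {
    tmp=$(mktemp -d)
    printf 'machine example.invalid login user password secret\n' > "$tmp/.netrc"
    chmod 0640 "$tmp/.netrc"
    printf 'demo:x:1001:1001::%s:/bin/bash\n' "$tmp" > "$tmp/passwd"
    audit_netrc_files "$tmp/passwd"    # one finding: Group Read set on .../.netrc
    rm -rf "$tmp"
}
demo_netrc_audit
```

A file that passes the benchmark produces no output, so the function's output being empty is the pass condition for a monitoring job.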