lowservicesverified ✓rollback-safe
Ensure libnsl package is not installed
pkg-libnsl-absent · RHEL ≥ 8 · 2 impls
Description
The libnsl package provides the legacy NIS/YP library. This library supports insecure authentication methods and should not be installed unless specifically required.
Rationale
NIS/YP is an insecure authentication mechanism that transmits data in cleartext. Removing this library eliminates dependencies on legacy insecure services.
Check → Remediate
Checkpackage_state
- name:
- libnsl
- state:
- absent
Remediatepackage_absent
- name:
- libnsl
Framework references
NIST 800-53
CM-7IA-5
Live verification
rhel9:check
#package#nis#yp#attack-surface