GEN005840 - The NFS server must be configured to restrict file system access to local hosts - 'Exports containing rw should be reviewed'

Information

The NFS access option limits user access to the specified level. This assists in protecting exported file systems. If access is not restricted, unauthorized hosts may be able to access the system's NFS exports.

Solution

Edit /etc/exports and add ro and/or rw options (as appropriate) specifying a list of hosts or networks which are permitted access. Re-export the file systems.

See Also

http://iasecontent.disa.mil/stigs/zip/U_STIG_Library_2015_07.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-41524r1_rule, STIG-ID|GEN005840, Vuln-ID|V-933

Plugin: Unix

Control ID: 1b61179edd63c6220b77a0f6afb9be484a5ec843c4f7014a6fe1f2a7bfaa0969