GEN005820 - The NFS anonymous UID and GID must be configured to values that have no permissions - 'anongid'

Information

When an NFS server is configured to deny remote root access, a selected UID and GID are used to handle requests from the remote root user. The UID and GID should be chosen from the system to provide the appropriate level of non-privileged access.

Solution

Edit '/etc/exports' and set the 'anonuid=-1' and 'anongid=-1' options for exports lacking it. Re-export the filesystems.

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-14(1), CAT|II, CCI|CCI-000062, Group-ID|V-932, Rule-ID|SV-37854r1_rule, STIG-ID|GEN005820, Vuln-ID|V-932

Plugin: Unix

Control ID: bc5e20bdf207c255597e6eabd26cfca6f271cb8551a24fcd736e7b205c54ec90