STIGQter: STIG Summary: Solaris 10 SPARC Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

Samba must be configured to use an authentication mechanism other than "share."

DISA Rule

SV-227027r603265_rule

Vulnerability Number

V-227027

Group Title

SRG-OS-000480

Rule Version

GEN006225

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Edit the smb.conf file and change the security setting to user or another valid setting other than share.

Check Contents

Check the security mode of the Samba configuration. Default locations for this file include /etc, /etc/sfw, /etc/samba, and /etc/sfw/samba. If the system has Samba installed in non-standard locations, also check the smb.conf in those locations.

Procedure:
# grep -i security /etc/smb.conf /etc/sfw/smb.conf /etc/samba/smb.conf /etc/sfw/samba/smb.conf
If the security mode is share, this is a finding.

Vulnerability Number

V-227027

Documentable

False

Rule Version

GEN006225

Severity Override Guidance

Check the security mode of the Samba configuration. Default locations for this file include /etc, /etc/sfw, /etc/samba, and /etc/sfw/samba. If the system has Samba installed in non-standard locations, also check the smb.conf in those locations.

Procedure:
# grep -i security /etc/smb.conf /etc/sfw/smb.conf /etc/samba/smb.conf /etc/sfw/samba/smb.conf
If the security mode is share, this is a finding.

Check Content Reference

M

Target Key

4060

Comments