STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The Network File System (NFS) anonymous UID and GID must be configured to values without permissions.

DISA Rule

SV-64169r1_rule

Vulnerability Number

V-932

Group Title

GEN005820

Rule Version

GEN005820

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit "/etc/exports" and set the "anonuid=-1" and "anongid=-1" options for exports lacking it.

Re-export the filesystems.

Check Contents

Check if the 'anonuid' and 'anongid' options are set correctly for exported file systems.

List exported filesystems:
# exportfs -v

Each of the exported file systems should include an entry for the 'anonuid=' and 'anongid=' options set to "-1" or an equivalent (60001, 65534, or 65535).

If appropriate values for 'anonuid' or 'anongid' are not set, this is a finding.

Vulnerability Number

V-932

Documentable

False

Rule Version

GEN005820

Severity Override Guidance

Check if the 'anonuid' and 'anongid' options are set correctly for exported file systems.

List exported filesystems:
# exportfs -v

Each of the exported file systems should include an entry for the 'anonuid=' and 'anongid=' options set to "-1" or an equivalent (60001, 65534, or 65535).

If appropriate values for 'anonuid' or 'anongid' are not set, this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments