Samba must be configured to use an authentication mechanism other than share.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22499 | GEN006225 | SV-35109r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Samba share authentication does not provide for individual user identification and must not be used. |
| STIG | Date |
|---|---|
| HP-UX 11.23 Security Technical Implementation Guide | 2015-12-02 |
Details
| Check Text ( C-36705r1_chk ) |
|---|
| Examine the smb.conf file for the share security setting.. # cat /etc/opt/samba/smb.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" | grep -i "^security = share" If the share security setting is share, this is a finding. |
| Fix Text (F-32081r1_fix) |
|---|
| Edit the /etc/smb.conf file and change the security setting to user or another valid setting other than share, for example: security = user |