The Network File System (NFS) share configuration file must have mode 0644 or less permissive.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-929 | GEN005760 | SV-35184r1_rule | ECCD-1 ECCD-2 ECLP-1 | Low |
| Description |
|---|
| Excessive permissions on the NFS share configuration file could allow unauthorized modification of the file, which could result in Denial-of-Service to authorized NFS shares and the creation of additional unauthorized shares. |
| STIG | Date |
|---|---|
| HP-UX 11.31 Security Technical Implementation Guide | 2018-09-14 |
Details
| Check Text ( C-37992r1_chk ) |
|---|
| # echo `ls -lL /etc/dfs/dfstab` | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | cut -f 1,1 -d " " If the file has a mode more permissive than 0644, this is a finding. |
| Fix Text (F-33232r1_fix) |
|---|
| # chmod 0644 /etc/dfs/dfstab |