The /etc/smb.conf file must be owned by root.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-1027 | GEN006100 M6 | SV-38183r1_rule | ECLP-1 | Medium |
| Description |
|---|
| The /etc/smb.conf file allows access to other machines on the network and grants permissions to certain users. If it is owned by another user, the file may be maliciously modified and the Samba configuration could be compromised. |
| STIG | Date |
|---|---|
| MAC OSX 10.6 Workstation Security Technical Implementation Guide | 2013-04-09 |
Details
| Check Text ( C-37587r1_chk ) |
|---|
| Open a terminal session and enter the following command to verify the ownership of the file. ls -lL /etc/smb.conf If an smb.conf file is not owned by root, this is a finding. |
| Fix Text (F-32829r1_fix) |
|---|
| Open a terminal session and enter the following command to set the owner of the smb.conf file to root. chown root /etc/smb.conf |