Network File System (NFS) servers must only accept NFS requests from privileged ports on client systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-927 | GEN005720 | SV-46116r1_rule | ECSC-1 | Medium |
| Description |
|---|
| If clients are not required to use privileged ports to get NFS services, then exported file systems may be in danger of mounting by malicious users and intruders who do not have access to privileged ports. |
| STIG | Date |
|---|---|
| SUSE Linux Enterprise Server v11 for System z | 2013-04-26 |
Details
| Check Text ( C-43373r1_chk ) |
|---|
| # grep insecure /etc/exports If any of the file systems are exported with the 'insecure' option, this is a finding. |
| Fix Text (F-39457r1_fix) |
|---|
| Edit "/etc/exports" and remove the "insecure" option. |