Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
File share permissions must be reconfigured to remove the Everyone group.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3245 | 2.015 | SV-25006r2_rule | Medium |
| Description |
|---|
| Shares on a system can provide network access, exposing sensitive information. If a share is necessary, permissions must be reconfigured to give the minimum access to those accounts that require it. |
| STIG | Date |
|---|---|
| Windows 7 Security Technical Implementation Guide | 2016-12-19 |
Details
| Check Text ( C-62071r2_chk ) |
|---|
| Open the Computer Management Console. Expand the "System Tools" object in the left pane. Expand the "Shared Folders" object. Select the "Shares" object. Right click any user-created shares (ignore administrative shares; the system will prompt you if Properties are selected for administrative shares). Select "Properties". Select the "Share Permissions" tab. If user-created file shares have not been reconfigured to remove ACL permissions from the "Everyone" group, this is a finding. If shares created by applications require the "Everyone" group, this must be documented with the ISSO. |
| Fix Text (F-66969r2_fix) |
|---|
| Remove permissions from the "Everyone" group from locally-created file shares and assign them to authorized groups. |