The Red Hat Enterprise Linux operating system must disable the file system automounter unless required.

An XCCDF Rule

Details
Profiles

Description

Automatically mounting file systems permits easy introduction of unknown devices, thereby facilitating malicious activity. Satisfies: SRG-OS-000114-GPOS-00059, SRG-OS-000378-GPOS-00163, SRG-OS-000480-GPOS-00227

ID: SV-204451r853893_rule
Version: RHEL-07-020110
Severity: Medium
References: CCI-000366 CCI-000778 CCI-001958
Updated: 5 days ago

Remediation Templates

Configure the operating system to disable the ability to automount devices.

Turn off the automount service with the following commands:

# systemctl stop autofs
# systemctl disable autofs
If "autofs" is required for Network File System (NFS), it must be documented with the ISSO.

The Red Hat Enterprise Linux operating system must disable the file system automounter unless required.

Description

Remediation Templates

A Manual Procedure