Skip to content

All AIX NFS anonymous UIDs and GIDs must be configured to values without permissions.

An XCCDF Rule

Description

<VulnDiscussion>When an NFS server is configured to deny remote root access, a selected UID and GID are used to handle requests from the remote root user. The UID and GID should be chosen from the system to provide the appropriate level of non-privileged access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-215209r991589_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Edit "/etc/exports" and set the "anon=-1" option for all exported file systems without it. 

Re-export the file systems using command: 
# exportfs -a