Use Access Lists to Enforce Authorization Restrictions
An XCCDF Group
Description
When configuring NFS exports, ensure that each export line in /etc/exports contains
a list of hosts which are allowed to access that export. If no hosts are specified on an export line,
then that export is available to any remote host which requests it. All lines of the exports file should
specify the hosts (or subnets, if needed) which are allowed to access the exported directory, so that
unknown or remote hosts will be denied.
Authorized hosts can be specified in several different formats:
- Name or alias that is recognized by the resolver
- Fully qualified domain name
- IP address
- IP subnets in the format
address/netmaskoraddress/CIDR
- ID
- xccdf_org.ssgproject.content_group_use_acl_enforce_auth_restrictions
- Child Items
- Updated