Ensure All-Squashing Disabled On All Exports

An XCCDF Rule

Details
Profiles
Prose

Description

The all_squash maps all uids and gids to an anonymous user. This should be disabled by removing any instances of the all_squash option from the file /etc/exports.

Rationale

The all_squash option maps all client requests to a single anonymous uid/gid on the NFS server, negating the ability to track file access by user ID.

ID: xccdf_org.ssgproject.content_rule_no_all_squash_exports
Severity: Low
Updated: about 1 year ago