All AIX NFS anonymous UIDs and GIDs must be configured to values without permissions.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>When an NFS server is configured to deny remote root access, a selected UID and GID are used to handle requests from the remote root user. The UID and GID should be chosen from the system to provide the appropriate level of non-privileged access.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-215209r508663_rule
Severity: Medium
References: CCI-000366
Updated: 8 months ago

Edit "/etc/exports" and set the "anon=-1" option for all exported file systems without it. 

Re-export the file systems using command: 
# exportfs -a

All AIX NFS anonymous UIDs and GIDs must be configured to values without permissions.

Description

Remediation - Manual Procedure