Check: GEN006225
HP-UX 11.23 STIG:
GEN006225
(in version v1 r8)
Title
Samba must be configured to use an authentication mechanism other than share. (Cat II impact)
Discussion
Samba share authentication does not provide for individual user identification and must not be used.
Check Content
Examine the smb.conf file for the share security setting.. # cat /etc/opt/samba/smb.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" | grep -i "^security = share" If the share security setting is share, this is a finding.
Fix Text
Edit the /etc/smb.conf file and change the security setting to user or another valid setting other than share, for example: security = user
Additional Identifiers
Rule ID: SV-35109r1_rule
Vulnerability ID: V-22499
Group Title: GEN006225
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
Number | Title |
---|---|
CM-6 |
Configuration Settings |