NFS Anonymous UID/GID of -1 Passes DoD STIG Guidance in SCAP-Security-Guid But is an Invalid Option
Issue
- The use of -1 as an anonymous UID/GID is no longer allowed in NFS due to compliance issues with kernel namespaces. The current scap-security-guide checks still recognize -1 as a valid UID/GID in the setup of an NFS export.
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- DoD STIG Guidelines Applied
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.