--- RHEL6/input/services/nfs.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/RHEL6/input/services/nfs.xml b/RHEL6/input/services/nfs.xml index 6e75440..6d722b1 100644 --- a/RHEL6/input/services/nfs.xml +++ b/RHEL6/input/services/nfs.xml @@ -336,7 +336,7 @@ intercept the request and substitute a malicious file. Allowing setuid files to be executed from remote servers is particularly risky, both for this reason and because it requires the clients to extend root-level trust to the NFS server.</description> -<Rule id="use_nodev_option_on_nfs_mounts"> +<Rule id="use_nodev_option_on_nfs_mounts" severity="medium"> <title>Mount Remote Filesystems with nodev</title> <description> <mount-desc-macro option="nodev" part="any NFS mounts" /> @@ -352,7 +352,7 @@ should not present device files to users.</rationale> <oval id="mount_option_nodev_remote_filesystems" /> </Rule> -<Rule id="use_nosuid_option_on_nfs_mounts"> +<Rule id="use_nosuid_option_on_nfs_mounts" severity="medium"> <title>Mount Remote Filesystems with nosuid</title> <description> <mount-desc-macro option="nosuid" part="any NFS mounts" /> -- 1.8.0 _______________________________________________ scap-security-guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
