← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215395

CAT II (Medium)

If automated file system mounting tool is not required on AIX, it must be disabled.

Rule ID

SV-215395r958820_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001958

Discussion

Automated file system mounting tools may provide unprivileged users with the ability to access local media and network shares. If this access is not necessary for the system’s operation, it must be disabled to reduce the risk of unauthorized access to these resources.

Check Content

Determine if the system uses "automated" by using command:

# lssrc -s automountd
Subsystem         Group            PID          Status
automountd       autofs                        inoperative

If the automountd process is active, this is a finding.

Fix Text

Disable the automated file system mounting tools. 

Empty the /etc/auto_master file.

From the command prompt, run the following command:
# stopsrc -s automountd