SV-227021r603265_rule
V-227021
SRG-OS-000480
GEN006150
CAT II
10
Remove the extended ACL from the file.
# chmod A- /etc/smb.conf /etc/sfw/smb.conf /etc/samba/smb.conf /etc/sfw/samba/smb.conf
Check the group ownership of the Samba configuration file. Default locations for this file include /etc, /etc/sfw, /etc/samba, and /etc/sfw/samba. If the system has Samba installed in non-standard locations, also check the smb.conf in those locations.
Procedure:
# ls -lL /etc/smb.conf /etc/sfw/smb.conf /etc/samba/smb.conf /etc/sfw/samba/smb.conf
If the permissions include a "+", the file has an extended ACL and this is a finding.
V-227021
False
GEN006150
Check the group ownership of the Samba configuration file. Default locations for this file include /etc, /etc/sfw, /etc/samba, and /etc/sfw/samba. If the system has Samba installed in non-standard locations, also check the smb.conf in those locations.
Procedure:
# ls -lL /etc/smb.conf /etc/sfw/smb.conf /etc/samba/smb.conf /etc/sfw/samba/smb.conf
If the permissions include a "+", the file has an extended ACL and this is a finding.
M
4060