Disable more network file systems

This commit is contained in:
Raja Grewal 2024-07-15 20:54:18 +10:00
parent 82c5a93f7c
commit 9e40ff0551
No known key found for this signature in database
GPG Key ID: 92CA473C156B64C4

View File

@ -91,10 +91,23 @@ install mei-me /usr/bin/disabled-intelme-by-security-misc
## Network File Systems:
## Disable uncommon network file systems to reduce attack surface.
##
install cifs /usr/bin/disabled-netfilesys-by-security-misc
install gfs2 /usr/bin/disabled-netfilesys-by-security-misc
install ksmbd /usr/bin/disabled-netfilesys-by-security-misc
##
## Common Internet File System (CIFS):
##
install cifs /usr/bin/disabled-netfilesys-by-security-misc
install cifs_arc4 /usr/bin/disabled-netfilesys-by-security-misc
install cifs_md4 /usr/bin/disabled-netfilesys-by-security-misc
##
## Network File System (NFS):
##
install nfs /usr/bin/disabled-netfilesys-by-security-misc
install nfs_acl /usr/bin/disabled-netfilesys-by-security-misc
install nfs_layout_nfsv41_files /usr/bin/disabled-netfilesys-by-security-misc
install nfs_layout_flexfiles /usr/bin/disabled-netfilesys-by-security-misc
install nfsd /usr/bin/disabled-netfilesys-by-security-misc
install nfsv2 /usr/bin/disabled-netfilesys-by-security-misc
install nfsv3 /usr/bin/disabled-netfilesys-by-security-misc
install nfsv4 /usr/bin/disabled-netfilesys-by-security-misc