{"description": "When configuring NFS exports, ensure that each export line in <tt>/etc/exports</tt> contains\na list of hosts which are allowed to access that export. If no hosts are specified on an export line,\nthen that export is available to any remote host which requests it. All lines of the exports file should\nspecify the hosts (or subnets, if needed) which are allowed to access the exported directory, so that\nunknown or remote hosts will be denied.\n<br /><br />\nAuthorized hosts can be specified in several different formats:\n<ul>\n<li>Name or alias that is recognized by the resolver</li>\n<li>Fully qualified domain name</li>\n<li>IP address</li>\n<li>IP subnets in the format <tt>address/netmask</tt> or <tt>address/CIDR</tt></li>\n</ul>", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": {}, "platform": "", "platforms": [], "inherited_platforms": [], "cpe_platform_names": [], "title": "Use Access Lists to Enforce Authorization Restrictions", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/use_acl_enforce_auth_restrictions/group.yml"}