{"description": "If a filesystem is being exported so that users can view the files in a convenient\nfashion, but there is no need for users to edit those files, exporting the filesystem read-only\nremoves an attack vector against the server. The default filesystem export mode is <tt>ro</tt>,\nso do not specify <tt>rw</tt> without a good reason.", "warnings": [], "requires": [], "conflicts": [], "values": {}, "groups": {}, "rules": {}, "platform": "", "platforms": [], "inherited_platforms": [], "cpe_platform_names": [], "title": "Export Filesystems Read-Only if Possible", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/services/nfs_and_rpc/nfs_configuring_servers/export_filesystems_read_only/group.yml"}