TOSS 5 file system automount function must be disabled unless required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-282497 | TOSS-05-000133 | SV-282497r1200471_rule | CCI-000778 | medium |
| Description | ||||
| An authentication process resists replay attacks if it is impractical to achieve a successful authentication by recording and replaying a previous authentication message. | ||||
| STIG | Date | |||
| Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide | 2026-04-01 | |||
Details
Check Text (C-282497r1200471_chk)
Verify TOSS 5 file system automount function has been disabled using the following command:
$ sudo systemctl is-enabled autofs
masked
If the returned value is not "masked", "disabled", "Failed to get unit file state for autofs.service for autofs", or "enabled", and is not documented as operational requirement with the information system security officer (ISSO), this is a finding.
Fix Text (F-86963r1200470_fix)
Configure TOSS 5 to disable the ability to automount devices.
Disable the "autofs" service using the following command:
$ sudo systemctl mask --now autofs.service