RHEL-09-232260 causes long running scan

[layluke]

Question
RHEL-09-232260 causes long running scan as it will scan all filesystems attached to /, even remote ones.

While this is probably the most complete way of handling this, it causes very long scan times that may be unnecessary when NFS is being used. Since other portions of the STIG locks down using device files, I'm not sure if the checks there are necessary outside of /dev.

in https://www.stigviewer.com/stig/red_hat_enterprise_linux_9/2023-09-13/finding/V-257932, it notes that there could be device files outside of /dev, but the scan text provided only searches through dev.

Not sure if appending /dev to the find command in the task would just be a lazy way of getting this to perform better, and satisfying scans. Or if adding some code to ignore nfs mounts would be a "better" way to ensure this check.

I'm not even sure if this needs to be addressed, as it can be likely turned off in most cases. Just want to bring it up at least since it was in my notes during my initial testing of this role.