Skip to content

SLEM 5 must restrict privilege elevation to authorized personnel.

An XCCDF Rule

Description

<VulnDiscussion>The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms the request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-261375r996562_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Remove the following entries from the "/etc/sudoers" file:

ALL     ALL=(ALL) ALL
ALL     ALL=(ALL:ALL) ALL