AlmaLinux OS 9 must restrict privilege elevation to authorized personnel.

An XCCDF Rule

Description

If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

ID: SV-269232r1050114_rule
Version: ALMA-09-017290
Severity: Medium
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

Remove the following entries from the /etc/sudoers file or configuration files under /etc/sudoers.d/ (including NOPASSWD equivalents):

ALL     ALL=(ALL) ALL
ALL     ALL=(ALL:ALL) ALL