AlmaLinux OS 9 must use the invoking user's password for privilege escalation when using "sudo".

An XCCDF Rule

Details
Profiles

Description

If the rootpw, targetpw, or runaspw flags are defined and not disabled, by default the operating system will prompt the invoking user for the "root" user password.

ID: SV-269233r1050115_rule
Version: ALMA-09-017400
Severity: Medium
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

Define the following in the Defaults section of the /etc/sudoers file or a single configuration file in the /etc/sudoers.d/ directory:

Defaults !targetpw
Defaults !rootpw
Defaults !runaspw

AlmaLinux OS 9 must use the invoking user's password for privilege escalation when using "sudo".

Description

Remediation Templates

A Manual Procedure