
The operating system must restrict privilege elevation to authorized personnel

An XCCDF Rule

Description

The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms the request to execute a command by checking a file called sudoers. Restrict privileged actions by removing the following entries from the sudoers file:

    ALL ALL=(ALL) ALL
    ALL ALL=(ALL:ALL) ALL

Warning

This rule doesn't come with a remediation, as the exact requirement allows exceptions, and removing lines from the sudoers file can make the system non-administrable.

Rationale

If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
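Because the rule ships no remediation, a read-only check is the practical first step. The script below is an added example, not part of the rule's own content: it reports where the two entries named in the description appear so that each can be reviewed before anything is removed. The function names, the whitespace-tolerant pattern and the default paths (/etc/sudoers and /etc/sudoers.d) are assumptions of this example, and the sample files are constructed.

```shell
#!/bin/sh
# Added example, not part of the rule's content. Assumes the default layout:
# /etc/sudoers plus drop-in files in /etc/sudoers.d.

S='[[:space:]]'
# ERE for "ALL ALL=(ALL) ALL" and "ALL ALL=(ALL:ALL) ALL", tolerating extra
# whitespace and a trailing comment. Commented-out entries do not match.
PATTERN="^${S}*ALL${S}+ALL${S}*=${S}*\\(${S}*ALL${S}*(:${S}*ALL${S}*)?\\)${S}*ALL${S}*(#.*)?\$"

# check_sudoers [FILE] [DROPIN_DIR]
# Prints file:line:text per finding. Returns 0 = clean, 1 = finding, 2 = error.
check_sudoers() {
    main=${1:-/etc/sudoers}
    dropin=${2:-/etc/sudoers.d}
    [ -r "$main" ] || { echo "cannot read $main" >&2; return 2; }
    set -- "$main"
    for f in "$dropin"/*; do
        [ -f "$f" ] || continue
        # sudo ignores drop-in names that end in '~' or contain a '.'
        case ${f##*/} in *.*|*~) continue ;; esac
        set -- "$@" "$f"
    done
    rc=0
    grep -En "$PATTERN" /dev/null "$@" || rc=$?
    case $rc in 0) return 1 ;; 1) return 0 ;; *) return 2 ;; esac
}

# Constructed sample tree so the check can be tried without touching /etc.
make_sample() {
    d=$(mktemp -d) && mkdir "$d/sudoers.d" || return 2
    printf '%s\n' 'root ALL=(ALL:ALL) ALL' '# ALL ALL=(ALL) ALL' \
        '%wheel ALL=(ALL) ALL' > "$d/sudoers"
    printf '%s\n' 'ALL   ALL = (ALL : ALL)  ALL  # legacy' > "$d/sudoers.d/90-legacy"
    printf '%s\n' 'ALL ALL=(ALL) ALL' > "$d/sudoers.d/old.bak"
    echo "$d"
}
```

Called with no arguments as a user who can read the sudoers files, `check_sudoers` inspects the live configuration; it does not follow include directives that point to other locations.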

ID
xccdf_org.ssgproject.content_rule_sudo_restrict_privilege_elevation_to_authorized
Severity
Medium