UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

RHEL 9 must restrict privilege elevation to authorized personnel.


Overview

Finding ID Version Rule ID IA Controls Severity
V-258087 RHEL-09-432030 SV-258087r991589_rule Medium
Description
If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
STIG Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide 2024-06-04

Details

Check Text ( C-61828r926246_chk )
Verify RHEL 9 restricts privilege elevation to authorized personnel with the following command:

$ sudo sh -c 'grep -iw ALL /etc/sudoers /etc/sudoers.d/*'

If the either of the following entries are returned, this is a finding:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL
Fix Text (F-61752r926247_fix)
Remove the following entries from the /etc/sudoers file or configuration file under /etc/sudoers.d/:

ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL