UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The SUSE operating system must restrict privilege elevation to authorized personnel.


Overview

Finding ID Version Rule ID IA Controls Severity
V-234877 SLES-15-020101 SV-234877r622137_rule Medium
Description
The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
STIG Date
SUSE Linux Enterprise Server 15 Security Technical Implementation Guide 2022-09-07

Details

Check Text ( C-38065r618900_chk )
Verify the "sudoers" file restricts sudo access to authorized personnel.
> sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*

If the either of the following entries are returned, this is a finding:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL
Fix Text (F-38028r618901_fix)
Remove the following entries from the sudoers file:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL