The Ubuntu operating system must require users to reauthenticate for privilege escalation or when changing roles.

Quick Actions

We are continuing to improve Stigviewer and we are planning on rolling out new services in the near future. Would you like to be part of the conversation on what those features should be? If so, click here.

Featured Partners

Web page built by Cyber Protection Services

Check out our new AI-powered GRC tool here .
Compliance Dictionary

Standardizes and unifies compliance terms.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-238208	UBTU-20-010014	SV-238208r1015142_rule		Medium

Description

Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate. Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157

STIG	Date
Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide	2024-08-22

Details

Check Text (C-41418r653797_chk)

Verify the "/etc/sudoers" file has no occurrences of "NOPASSWD" or "!authenticate" by running the following command:

$ sudo egrep -i '(nopasswd|!authenticate)' /etc/sudoers /etc/sudoers.d/*

If any occurrences of "NOPASSWD" or "!authenticate" return from the command, this is a finding.

Fix Text (F-41377r653798_fix)

Remove any occurrence of "NOPASSWD" or "!authenticate" found in "/etc/sudoers" file or files in the "/etc/sudoers.d" directory.

STIG VIEWER