STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

RHEL 8 must restrict privilege elevation to authorized personnel.

DISA Rule

SV-237641r646893_rule

Vulnerability Number

V-237641

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RHEL-08-010382

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove the following entries from the sudoers file:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL

Check Contents

Verify the "sudoers" file restricts sudo access to authorized personnel.
$ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*

If the either of the following entries are returned, this is a finding:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL

Vulnerability Number

V-237641

Documentable

False

Rule Version

RHEL-08-010382

Severity Override Guidance

Verify the "sudoers" file restricts sudo access to authorized personnel.
$ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*

If the either of the following entries are returned, this is a finding:
ALL ALL=(ALL) ALL
ALL ALL=(ALL:ALL) ALL

Check Content Reference

M

Target Key

2921

Comments