Check: OL6-00-000535
Oracle Linux 6 STIG:
OL6-00-000535
(in versions v2 r7 through v2 r3)
Title
The Oracle Linux operating system must restrict privilege elevation to authorized personnel. (Cat II impact)
Discussion
The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms your request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
Check Content
Verify the "sudoers" file restricts sudo access to authorized personnel. $ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/* If the either of the following entries are returned, this is a finding: ALL ALL=(ALL) ALL ALL ALL=(ALL:ALL) ALL
Fix Text
Remove the following entries from the sudoers file: ALL ALL=(ALL) ALL ALL ALL=(ALL:ALL) ALL
Additional Identifiers
Rule ID: SV-237624r793850_rule
Vulnerability ID: V-237624
Group Title: SRG-OS-000480
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |