Detections
Analytics

1.67 OL08-00-010381

Information

OL 8 must require users to reauthenticate for privilege escalation and changing roles.

GROUP ID: V-248582RULE ID: SV-248582r1050789

Without reauthentication, users may access resources or perform tasks for which they do not have authorization.

When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate.

Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158

Solution

Remove any occurrence of "!authenticate" found in the "/etc/sudoers" file or files in the "/etc/sudoers.d" directory.

See Also

https://workbench.cisecurity.org/benchmarks/23791

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-11, CAT|II, CCI|CCI-002038, CCI|CCI-004895, Rule-ID|SV-248582r1050789_rule, STIG-ID|OL08-00-010381, Vuln-ID|V-248582

Plugin: Unix

Control ID: 16fda60da1364e05969408e1350fa2d7c1ee555fbc817f9dc91d01bd533bdcc2