1.3.2 Ensure sudo commands use pty

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

sudo can be configured to run only from a psuedo-pty
Rationale:
Attackers can run a malicious program using sudo which would fork a background process that remains even when the main program has finished executing.

Solution

edit the file /etc/sudoers or a file in /etc/sudoers.d/ with visudo -f and add the following line:
Defaults use_pty
Impact:
editing the sudo configuration incorrectly can cause sudo to stop functioning.

See Also

https://workbench.cisecurity.org/files/2485

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3(7)

Plugin: Unix

Control ID: 097a0679e8e3db551795e2971bac84e46b0d13f4d733885447e1703c6a33a3e8