1.337 RHEL-09-611145

Information

RHEL 9 must not be configured to bypass password requirements for privilege escalation.

GROUP ID: V-258118
RULE ID: SV-258118r1050789

Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate.

Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158

Solution

Configure the operating system to require users to supply a password for privilege escalation.

Remove any occurrences of "pam_succeed_if" in the "/etc/pam.d/sudo" file.
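The check and the remediation above, as an added shell example that is not part of the STIG or the Tenable audit content: it flags any active (non-comment) `pam_succeed_if` line in a sudo PAM file and strips such lines while leaving commented-out ones alone. The file it operates on is a constructed temporary copy so the example runs offline; on a real host the path would be `/etc/pam.d/sudo`.

```shell
#!/bin/sh
# Added example (not from the STIG or Tenable audit text).
# Audit and remediate pam_succeed_if entries in a sudo PAM configuration.

# Pattern for an active PAM line that references pam_succeed_if:
# optional leading whitespace, then a first character that is neither '#'
# nor whitespace, so commented-out lines never match (even with backtracking).
SUCCEED_IF_RE='^[[:space:]]*[^#[:space:]].*pam_succeed_if'

# Exit 0 (finding) if the file has at least one active pam_succeed_if line.
has_succeed_if() {
    grep -Eq "$SUCCEED_IF_RE" "$1"
}

# Remove active pam_succeed_if lines; comments and all other lines are kept.
# Written via a temp file rather than sed -i so it works on any POSIX sed/grep.
remove_succeed_if() {
    grep -Ev "$SUCCEED_IF_RE" "$1" > "$1.tmp"
    mv "$1.tmp" "$1"
}

# Report PASS/FAIL in the style of an audit check; returns 1 on a finding.
audit_sudo_pam() {
    if has_succeed_if "$1"; then
        echo "FAIL: $1 contains an active pam_succeed_if entry"
        return 1
    fi
    echo "PASS: $1 has no active pam_succeed_if entries"
    return 0
}

# Constructed sample standing in for /etc/pam.d/sudo. The "sufficient"
# pam_succeed_if line lets members of wheel skip the password prompt,
# which is exactly the bypass the rule forbids.
PAM_SUDO="$(mktemp)"
trap 'rm -f "$PAM_SUDO" "$PAM_SUDO.tmp"' EXIT
cat > "$PAM_SUDO" <<'EOF'
#%PAM-1.0
# constructed sample; the next line is a disabled (commented) entry and is kept
#auth       sufficient   pam_succeed_if.so uid = 0
auth       sufficient   pam_succeed_if.so user ingroup wheel
auth       include      system-auth
account    include      system-auth
password   include      system-auth
session    include      system-auth
EOF

# Stand-alone run: show the finding before remediation.
audit_sudo_pam "$PAM_SUDO" || true
```

On a production system the audit step is the non-destructive part; run `remove_succeed_if` only after reviewing the lines it would drop (`grep -E "$SUCCEED_IF_RE" /etc/pam.d/sudo`), since a `sufficient` entry elsewhere in the stack may have been relied upon for unattended jobs.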

See Also

https://workbench.cisecurity.org/benchmarks/22008

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-11, CAT|II, CCI|CCI-002038, CCI|CCI-004895, Rule-ID|SV-258118r1050789_rule, STIG-ID|RHEL-09-611145, Vuln-ID|V-258118

Plugin: Unix

Control ID: 401ae0798eb2dea962c954200116520e6937f72129eb3b4d6b70b854b497cc40