Detections
Analytics
RHEL-10-600510 - RHEL 10 must be configured to not bypass password requirements for privilege escalation.
Information
Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate.Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157, SRG-OS-000373-GPOS-00158
Solution
Configure RHEL 10 to require users to supply a password for privilege escalation.Remove any occurrences of " pam_succeed_if " in the "/etc/pam.d/sudo" file.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-11, CAT|II, CCI|CCI-002038, Rule-ID|SV-281206r1166570_rule, STIG-ID|RHEL-10-600510, Vuln-ID|V-281206
Plugin: Unix
Control ID: 8e2ae1d9442b157068168b0c5f013b7086c606727154ef139c4c9a8bc6ddd59b