UBTU-18-010114 - The Ubuntu operating system must require users to re-authenticate for privilege escalation and changing roles.


Without re-authentication, users may access resources or perform tasks for which they do not have authorization.

When the Ubuntu operating system provides the capability to escalate a functional capability or change security roles, it is critical the user re-authenticate.

Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157


Remove any occurrence of 'NOPASSWD' or '!authenticate' found in '/etc/sudoers' file or files in the /etc/sudoers.d directory.

See Also


Item Details

References: CAT|II, CCI|CCI-002038, Rule-ID|SV-219185r853371_rule, STIG-ID|UBTU-18-010114, STIG-Legacy|SV-109701, STIG-Legacy|V-100597, Vuln-ID|V-219185

Plugin: Unix

Control ID: 0227d0644510a3d2e023486f979a61db423e63f93d4a9fa6fecf21b105c6f789