← Back to SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

V-261375

CAT II (Medium)

SLEM 5 must restrict privilege elevation to authorized personnel.

Rule ID

SV-261375r996562_rule

STIG

SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000366

Discussion

The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms the request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

Check Content

Verify the "sudoers" file restricts sudo access to authorized personnel with the following command:

     > sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*
     root ALL=(ALL) ALL

If "ALL     ALL=(ALL) ALL" or "ALL     ALL=(ALL:ALL) ALL" entries are returned, this is a finding.

Fix Text

Remove the following entries from the "/etc/sudoers" file:

ALL     ALL=(ALL) ALL
ALL     ALL=(ALL:ALL) ALL