SLEM 5 must restrict privilege elevation to authorized personnel.

Severity: medium
Group ID: V-261375
Group Title: SRG-OS-000480-GPOS-00227
Version: SLEM-05-432025
Rule ID: SV-261375r996562_rule
Date: 2026-02-10
STIG Version: 1

Description

The sudo command allows a user to execute programs with elevated (administrator) privileges. It prompts the user for their password and confirms the request to execute a command by checking a file, called sudoers. If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.

ℹ️ Check

Verify the "sudoers" file restricts sudo access to authorized personnel with the following command:

    > sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*
    root ALL=(ALL) ALL

If "ALL ALL=(ALL) ALL" or "ALL ALL=(ALL:ALL) ALL" entries are returned, this is a finding.
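The grep above prints every line containing ALL, including commented-out rules and the expected root entry, so the result still has to be read by eye. The script below is an added example, not part of the STIG text: it reports only active rules equivalent to the two finding entries. The function name, the tolerance for extra blanks, and the sample file are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not part of the STIG text): report only the sudoers rules
# that this check treats as a finding.

# find_open_sudo_rules FILE...   (hypothetical helper name)
# Prints "file:line: rule" for every active rule equivalent to
# "ALL ALL=(ALL) ALL" or "ALL ALL=(ALL:ALL) ALL".
# Returns 1 when at least one such rule exists, 0 when none do.
find_open_sudo_rules() {
    awk '
        /^[ \t]*#/ { next }                  # comment or #include line
        {
            rule = $0
            sub(/#.*/, "", rule)             # drop a trailing comment
            gsub(/[ \t]+/, " ", rule)        # collapse runs of blanks
            gsub(/^ | $/, "", rule)          # trim both ends
            gsub(/ ?= ?/, "=", rule)         # blanks around "=" are optional
            gsub(/ ?: ?/, ":", rule)         # likewise around ":"
            gsub(/\( /, "(", rule)
            gsub(/ \)/, ")", rule)
            if (rule ~ /^ALL ALL=\(ALL(:ALL)?\) ?ALL$/) {
                printf "%s:%d: %s\n", FILENAME, FNR, $0
                found = 1
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample input, not taken from a real system.
sample=$(mktemp)
cat > "$sample" <<'EOF'
root ALL=(ALL) ALL
# ALL ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
ALL   ALL = (ALL : ALL)   ALL
EOF

if find_open_sudo_rules "$sample"; then
    echo "Not a finding"
else
    echo "Finding: remove the rules listed above"
fi
rm -f "$sample"
```

On a live system, call the function as root with /etc/sudoers /etc/sudoers.d/* as arguments, the same files the grep reads.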

✔️ Fix

Remove the following entries from the "/etc/sudoers" file:

    ALL ALL=(ALL) ALL
    ALL ALL=(ALL:ALL) ALL