UBTU-20-010014 - The Ubuntu operating system must require users to reauthenticate for privilege escalation or when changing roles.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Without reauthentication, users may access resources or perform tasks for which they do not have authorization.

When operating systems provide the capability to escalate a functional capability, it is critical the user reauthenticate.

Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157

Solution

Remove any occurrence of 'NOPASSWD' or '!authenticate' found in '/etc/sudoers' file or files in the '/etc/sudoers.d' directory.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_20-04_LTS_V1R9_STIG.zip

Item Details

References: CAT|II, CCI|CCI-002038, Rule-ID|SV-238208r853405_rule, STIG-ID|UBTU-20-010014, Vuln-ID|V-238208

Plugin: Unix

Control ID: a910943c74ee0484c75846afe296559c30af69fa1573f3e2598160140afc63c6