Red Hat Enterprise Linux 9 • Release: 7 Benchmark Date: 05 Jan 2026
CAT II V-258087 RHEL-09-432030
RHEL 9 must restrict privilege elevation to authorized personnel.
Discussion
If the "sudoers" file is not configured correctly, any user defined on the system can initiate privileged actions on the target system.
Check Procedure
Verify RHEL 9 restricts privilege elevation to authorized personnel with the following command: $ sudo grep -iwR 'ALL' /etc/sudoers /etc/sudoers.d/ | grep -v '#' If the either of the following entries are returned, this is a finding: ALL ALL=(ALL) ALL ALL ALL=(ALL:ALL) ALL
Fix Action
Remove the following entries from the /etc/sudoers file or configuration file under /etc/sudoers.d/: ALL ALL=(ALL) ALL ALL ALL=(ALL:ALL) ALL