File: rule.yml

package info (click to toggle)

scap-security-guide 0.1.78-1

links: PTS, VCS
area: main
in suites: forky, sid
size: 114,600 kB
sloc: xml: 245,305; sh: 84,381; python: 33,093; makefile: 27

file content (33 lines) | stat: -rw-r--r-- 999 bytes

parent folder | download | duplicates (2)

documentation_complete: true

title: Verify Permissions On /etc/sudoers File

description: '{{{ describe_file_permissions(file="/etc/sudoers", perms="0440") }}}'

rationale: |-
    Setting correct permissions on the /etc/sudoers file is important
    because this file hosts sudo configuration. Protection of this
    file is critical for system security. Restricting the permissions
    ensures exclusive control of the sudo configuration.

severity: medium

identifiers:
    cce@rhel8: CCE-86419-9
    cce@rhel9: CCE-86424-9
    cce@rhel10: CCE-90690-9

ocil_clause: '{{{ ocil_clause_file_permissions(file="/etc/sudoers", perms="0440") }}}'

ocil: |-
    {{{ ocil_file_permissions(file="/etc/sudoers", perms="0440") }}}

fixtext: '{{{ fixtext_file_permissions(file="/etc/sudoers", mode="0440") }}}'

srg_requirement: '{{{ srg_requirement_file_permission(file="/etc/sudoers", mode="0440") }}}'

template:
    name: file_permissions
    vars:
        filepath: /etc/sudoers
        filemode: '0440'