no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | centos7:4:1:15 [2017/05/04 18:14] (current) – created Piotr Kłoczewski | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== 4.1.15 Ensure changes to system administration scope (sudoers) is collected (Scored) ====== | ||
+ | =====Profile Applicability===== | ||
+ | < | ||
+ | Level 2 - Server | ||
+ | Level 2 - Workstation | ||
+ | </ | ||
+ | =====Description===== | ||
+ | Monitor scope changes for system administrations. If the system has been properly configured to force system administrators to log in as themselves first and then use the '' | ||
+ | =====Rationale===== | ||
+ | Changes in the ''/ | ||
+ | =====Audit===== | ||
+ | Run the following command and verify output matches: | ||
+ | < | ||
+ | # grep scope / | ||
+ | -w / | ||
+ | -w / | ||
+ | </ | ||
+ | =====Remediation===== | ||
+ | Add the following line to the ''/ | ||
+ | < | ||
+ | -w / | ||
+ | -w / | ||
+ | </ |