5.3.2 Ensure sudo commands use pty
Audit
Verify that sudo can only run other commands from a pseudo terminal.
Run the following command:
# grep -rPi '^\h*Defaults\h+([^#\n\r]+,)?use_pty(,\h*\h+\h*)*\h*(#.*)?$' /etc/sudoers*
Verify the output matches:
/etc/sudoers:Defaults use_pty
Edit the file /etc/sudoers with visudo or a file in /etc/sudoers.d/ with visudo -f and add the following line: