We've found our application servers for IGL have very insecure sudoers files. Among other things, it allows editing the /etc/hosts file, although there do not appear to be any special entries in the file. It also allows running the reboot and/or shutdown commands and /bin/hostname, all as the oracle user.
It looks like someone provided a ton of random sudo access for a vendor and never cleaned up afterwards.
Is this sudo access required by the IGL application?