The x86 CTRL-ALT-DELETE key sequence must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-4342 | GEN000000-LNX00580 | SV-62991r1_rule | High |
| Description |
|---|
| Undesirable reboots can occur if the CTRL-ALT-DELETE key sequence is not disabled. Such reboots may cause a loss of data or loss of access to critical information. |
| STIG | Date |
|---|---|
| Oracle Linux 5 Security Technical Implementation Guide | 2020-02-25 |
Details
| Check Text ( C-51787r1_chk ) |
|---|
| Verify that reboot using the CTRL-ALT-DELETE key sequence has been disabled by performing: # grep ctrlaltdel /etc/inittab If the line returned does not specify "/usr/bin/logger", or is not commented out, this is a finding. |
| Fix Text (F-53575r1_fix) |
|---|
| Ensure the CTRL-ALT-DELETE key sequence has been disabled and attempts to use the sequence are logged. In the /etc/inittab file replace: ca::ctrlaltdel:/sbin/shutdown -t3 -r now with ca:nil:ctrlaltdel:/usr/bin/logger -p security.info "Ctrl-Alt-Del was pressed" Once this change has been made, execute the following command to force the "init" daemon to re-read /etc/inittab: # telinit q |