UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must not permit interactive boot.


Overview

Finding ID Version Rule ID IA Controls Severity
V-38588 RHEL-06-000070 SV-50389r1_rule Medium
Description
Using interactive boot, the console user could disable auditing, firewalls, or other services, weakening system security.
STIG Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide 2016-06-05

Details

Check Text ( C-46146r1_chk )
To check whether interactive boot is disabled, run the following command:

$ grep PROMPT /etc/sysconfig/init

If interactive boot is disabled, the output will show:

PROMPT=no


If it does not, this is a finding.
Fix Text (F-43536r1_fix)
To disable the ability for users to perform interactive startups, edit the file "/etc/sysconfig/init". Add or correct the line:

PROMPT=no

The "PROMPT" option allows the console user to perform an interactive system startup, in which it is possible to select the set of services which are started on boot.