Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Red Hat Enterprise Linux operating system must be configured so that the x86 Ctrl-Alt-Delete key sequence is disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-71993 | RHEL-07-020230 | SV-86617r3_rule | High |
| Description |
|---|
| A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In the GNOME graphical environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 7 Security Technical Implementation Guide | 2018-11-28 |
Details
| Check Text ( C-72225r3_chk ) |
|---|
| Verify the operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed. Check that the ctrl.alt.del.target is masked and not active with the following command: # systemctl status ctrl.alt.del.target ctrl-alt-del.target Loaded: masked (/dev/null; bad) Active: inactive (dead) If the ctrl.alt.del.target is not masked, this is a finding. If the ctrl.alt.del.target is active, this is a finding. |
| Fix Text (F-78345r5_fix) |
|---|
| Configure the system to disable the Ctrl-Alt_Delete sequence for the command line with the following command: # systemctl mask ctrl-alt-del.target If GNOME is active on the system, create a database to contain the system-wide setting (if it does not already exist) with the following command: # touch /etc/dconf/db/local.d/00-disable-CAD Add the setting to disable the Ctrl-Alt_Delete sequence for GNOME: [org/gnome/settings-daemon/plugins/media-keys] logout='' |