UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The Red Hat Enterprise Linux operating system must be configured so that the x86 Ctrl-Alt-Delete key sequence is disabled in the Graphical User Interface.


Overview

Finding ID Version Rule ID IA Controls Severity
V-204456 RHEL-07-020231 SV-204456r603261_rule High
Description
A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In the graphical environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
STIG Date
Red Hat Enterprise Linux 7 Security Technical Implementation Guide 2022-12-06

Details

Check Text ( C-4580r590040_chk )
Note: If the operating system does not have a graphical user interface installed, this requirement is Not Applicable.

Verify the operating system is not configured to reboot the system when Ctrl-Alt-Delete is pressed.

Check that the ctrl-alt-del.target is masked and not active in the graphical user interface with the following command:

# grep logout /etc/dconf/db/local.d/*

logout=''

If "logout" is not set to use two single quotations, or is missing, this is a finding.
Fix Text (F-4580r590041_fix)
Configure the system to disable the Ctrl-Alt-Delete sequence for the graphical user interface with the following command:

# touch /etc/dconf/db/local.d/00-disable-CAD

Add the setting to disable the Ctrl-Alt-Delete sequence for the graphical user interface:

[org/gnome/settings-daemon/plugins/media-keys]
logout=''