UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The graphical display manager must not be the default target on RHEL 9 unless approved.


Overview

Finding ID Version Rule ID IA Controls Severity
V-257781 RHEL-09-211030 SV-257781r991589_rule Medium
Description
Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.
STIG Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide 2024-06-04

Details

Check Text ( C-61522r925328_chk )
Verify that RHEL 9 is configured to boot to the command line:

$ systemctl get-default

multi-user.target

If the system default target is not set to "multi-user.target" and the information system security officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.
Fix Text (F-61446r925329_fix)
Document the requirement for a graphical user interface with the ISSO or set the default target to multi-user with the following command:

$ sudo systemctl set-default multi-user.target