UCF STIG Viewer Logo

The Photon operating system must be configured so that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.


Finding ID Version Rule ID IA Controls Severity
V-258885 PHTN-40-000222 SV-258885r933716_rule Medium
When the Ctrl-Alt-Del target is enabled, a locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of systems availability due to unintentional reboot.
VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide 2023-10-29


Check Text ( C-62625r933714_chk )
At the command line, run the following command to verify the ctrl-alt-del target is disabled and masked:

# systemctl status ctrl-alt-del.target --no-pager

Example output:

Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.)
Active: inactive (dead)

If the "ctrl-alt-del.target" is not "inactive" and "masked", this is a finding.
Fix Text (F-62534r933715_fix)
At the command line, run the following commands:

# systemctl disable ctrl-alt-del.target
# systemctl mask ctrl-alt-del.target
# systemctl daemon-reload