The x86 CTRL-ALT-DELETE key sequence must be disabled.

From Oracle Linux 5 Security Technical Implementation Guide

Part of GEN000000-LNX00580

Associated with: CCI-000366

SV-62991r1_rule The x86 CTRL-ALT-DELETE key sequence must be disabled.

Vulnerability discussion

Undesirable reboots can occur if the CTRL-ALT-DELETE key sequence is not disabled. Such reboots may cause a loss of data or loss of access to critical information.

Check content

Verify that reboot using the CTRL-ALT-DELETE key sequence has been disabled by performing: # grep ctrlaltdel /etc/inittab If the line returned does not specify "/usr/bin/logger", or is not commented out, this is a finding.

Fix text

Ensure the CTRL-ALT-DELETE key sequence has been disabled and attempts to use the sequence are logged. In the /etc/inittab file replace: ca::ctrlaltdel:/sbin/shutdown -t3 -r now with ca:nil:ctrlaltdel:/usr/bin/logger -p security.info "Ctrl-Alt-Del was pressed" Once this change has been made, execute the following command to force the "init" daemon to re-read /etc/inittab: # telinit q

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer